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Introduction 


This small book is full of small scripts that can be used by system 
administrators to improve the efficiency of their day-to-day IT operations. 
PowerShell Fast Track is for experienced IT administrators who want to 
utilize scripting and implement IT automations. Just copy/paste code 
blocks from the book/links to make simple to complex scripts. You can 
consider it your own personal scripting cheat book, like the cheat codes 
gamers utilize to ace electronic games. What it really is, however, is a 
practical guide, because it will get you started in automating much of your 
work. 


Any source code or other supplementary material referenced by the author 
in this book is available to readers on GitHub via the book’s product page, 
located at www.apress.com/978 1484277584. For more detailed 
information, please visit www.apress.com/source-code. 
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1. PowerShell Basics 


Vikas Sukhijai 


(1) 

Waterloo, ON, Canada 
Let’s start with basic elements and quickly review variables, loops, if/ 
else statements, switches, and functions. These are the heart of any 
scripting language, and will assist you in creating simple to complex 
scripts. 

I will not delve into PowerShell versions or what PowerShell is. (But 
here is an easy-to-understand definition without going into depth: 
PowerShell is a task automation solution made up of a command-line shell 
and a scripting language.) I also won’t talk about what platforms it can be 
used on or get and set commands, because this is not an in-depth book for 
learning the language. 

The intent of this book is to teach you how to create scripts without 
having a deep knowledge of under-the-hood elements. This is an approach 
I’ve used successfully with many students. They gradually became well- 
versed with the language. 

Not everyone is from a programming background and not everyone is 
adept at creating code. However, by following the approach described in 
this book, you will be able to quickly create your own scripts and automate 
IT systems/processes. 


Note 
All source code used in the book can be accessed by clicking the 


Download Source Code button located at 
www.apress.com/9781484277584 (follow the listing numbers). 


Variables and Printing 


To begin, you need to understand the basics, which include variables and 
arrays. Every variable in PowerShell starts with a dollar sign ($), such as 


Sa=u"\" 
Sb = "Vikas" 

When you type $a and $b, values will be displayed, as shown in 
Figure 1-1. 


£3 Windows PowerShell 


Figure 1-1Variables in PowerShell 

Now you can use Write-host to print this to the screen: 
Input: PS C:\> Write-host Sa 
Output: 1 


Input: PS C:\> Write-host $b 
Output: vikas 


Tip 


Make it a rule to use quotes when assigning values to variables, as 
shown above in the two examples. 


Let’s change the foreground color of what is being displayed by Write- 
host: 


Input: PS C:\> Write-host $b -ForegroundColor Green 
Output: vikas 
Input: PS C:\> Write-host "processing .......... Y= 
ForegroundColor Green 
Output: processing .......... 
PS C:\> 

Figure 1-2 shows the results. 


Be Windows Powe Shel an oc 


processing 
IPS C:\> 


Figure 1-2Using the Write-host variable 


Let’s illustrate arrays quickly. In PowerShell, arrays can be defined in 
the same way as variables. Here are some examples: 


Sb = TAN EB CN ee oa 

If you define it as a variable and separate the elements by a comma, 
PowerShell automatically understands that it is an array, as shown in 
Figure 1-3. 


IPS GeX> $b — eA VB Ls Chae wpe VEY 
IPS Cz\> $b 


Figure 1-3 Array illustration 
The proper way of defining an array is as follows because it is 


understood from the syntax itself that it is an array (as shown in Figure 
1-4): 


Sc= @("serverl", "server2") 


Ea] Windows PowesShe ee 


c= @C"serverl"”, ’server2"> 


serverl 


Figure 1-4Array syntax 


A dynamic array can be defined as @ (). You will use this type in 
examples in this book to add elements in the array and generate reports: 


Sd = @() 


If/Else Switch 


If else is condition-based processing. It is the basis of any scripting 
language. If some condition is true, you need to process something; 
otherwise, process some other thing. 

Listing 1-1 shows two examples. First, you define a variable value as 
10 and then you use the conditional operators and if else statements to 
check if it’s greater than 9 or if it’s less than 9. Based on the result, you use 
Write-—host to print it to screen as shown in Figure 1-5. 

Note that —gt means greater than and —1t means less than. Do not 
worry; I will quickly go through them in the next subsection. 


[int]$a= "10" 


if($a -gt "9") 
{ 


write-host "True" —foregroundcolor Green 
jelse { 
Write-host "False" -—foregroundcolor Red 


} 


Listing 1-I1Example Code for Greater Than Operator Usage in If/Else 

Yes, [int] that means integer. If you use a prefix before the variable, it 
means you have exclusively defined it as an integer. Defining it is always 
better but if you don’t, PowerShell is intelligent enough to do it implicitly. 
These are called datatypes, and they include [string], [char], [int], [array], 
etc. 


Bx Windows PowerShell 


§ Cz\> if<Sa -gt "9"D< 
>> wreite-host “True” —foregroundcolor Green> 
4 else <Weite-host “False” -foregroundcolor Red> 


Figure 1-5Showing -gt usage in if/else 
Listing 1-2 and Figure 1-6 show a less than operator usage snippet. 
[int]$a= "10" 


if(S$a -1t "9"){ 


write-host "True" —foregroundcolor Green 
jelse { 
Write-host "False" -—foregroundcolor Red 


} 
Listing 1-2Example Code for the Less Than Operator Usage in If/Else 


23 Windows PowerShell 


a= "16" 
Cz\> ifeéa a aes 
>> write-host “True” —foregroundcolor Green> 


a else <Write-host “False” —-foregroundcolor Red> 


Figure 1-6Showing -lt usage in if/else 


Conditional/Logical Operators 


Below is a list of conditional/logical operators that you will use in your 
everyday scripts. Without them, many scripting operations would not be 
possible. They will always be used in comparison if else statements as 
shown in the above parent section. 


-eq Equal 

-ne Not equal 

-ge Greater than or equal 

—gt Greater than 

-1t Less than 

-le Less than or equal 

-like Wildcard comparison 
-notlike Wildcard comparison 
-match Regular expression comparison 
-notmatch Regular expression comparison 
-replace Replace operator 
-contains Containment operator 
-notcontains Containment operator 


Logical Operators 


—and Logical AND 
-or Logical OR 
-not Logical NOT 


! Logical NOT 


Logical operators are used when you want to combine the conditions. 
Let’s update the above example to the code shown in Listing 1-3. You will 
print true if the value of variable $a is less than 9 or equals to 10. Here 
you have combined two conditions. Since it is the OR operator, TRUE will 
be returned if one of them matches. Here the second condition, $a -—eq 
"10", matches if a value is equal to 10. See the results in Figure 1-7. 


[int]$a= "10" 


If((Sa -1t "9") -or (Sa -eq "10")) { 
write-host "True" —foregroundcolor Green 
jelse { 

Write-host "False" —foregroundcolor Red} 


Listing 1-3Example Code Showing Logical -or Operator 


E Windows PowerShell 


Figure 1-7Showing logical -or operator 


If you use the AND operator, then both conditions should match if you 
want to return TRUE, which will not happen in the above case. See Listing 
1-4 and Figure 1-8. 


[int] $a= "10" 


Tf(($a -1t "9") -and (Sa -eq "10")) { 


write-host "True" -—foregroundcolor Green 
jelse { 
Write-host "False" —foregroundcolor Red} 


Listing 1-4Code Showing Logical -and Operator 


E Windows PowerShell 


}int 


|S: 


Figure 1-8Showing logical -and operator 


Not is for negation. I generally don’t use it often. In my experience, it 
causes human error if you are in hurry and do not think it through enough. 


Loops 


There are two main loops in any scripting language and that is true for 
PowerShell as well. There are others but they are all variants of these two. 


For Loop and While Loop 
For Loop 


There are three iterations of for loops in PowerShell: 


¢ foreach 
* foreach-object 
¢ for 


Let’s differentiate between the three for loops by looking at the 
examples. 


foreach: You need to specifya foreach $variablein 
Scollection: foreach ($i in $x). 


Note 
You combine the if else and comparison operators in Listing 1-5. 


You can see the results in Figure 1-9. 


Sx=@ Co, WO", LS ue Fe wa") 


foreach (Si in $x) { 

if ($i -lt 2) { write-host "$i is Green" - 
foregroundcolor Green 

} 

else{ write-host "Si is yellow" - 

foregroundcolor yellow 

} 

} 


Listing 1-5Code Showing a foreach Loop 


EX Windows PowerShell 


Figure 1-9Showing a foreach loop 


foreach-object: You use a PIPE with the collection to achieve the 
same thing (see Listing 1-6 and Figure 1-10): 
$x | foreach-object 


Sx=@ Gh wo" WO" ; wan) 


$x | foreach-object { 

if ($_ -lt 2) { write-host "$_ is Green" - 
foregroundcolor Green 
} 

else{ write-host "S_ is yellow" - 
foregroundcolor yellow 


} 


Listing 1-6Code Showing a foreach-object Loop 


ES Windows PowerShe 

C:\> $x=-@("1","2","3",,"4") 

Ek> 

C:\> $x | foreach-object{ 

>> if ($_ -1t 2) { write-host "$_ is Green” -foregroundcolor Green 
>> 

>>  else{ write-host "$_ is yellow” -foregroundcolor yellow 
>> } 

>> } 

1 is Green 

2 is yellow 

3 is yellow 

4 is yellow 

C:\> 


Figure 1-10Showing a foreach-object loop 


for: This is the one you will remember from your school days. I have 
not used it much and see less usage across the community. See the code in 
Listing 1-7 and the results in Figure 1-11. 


for(Sx=1; Sx -le 5; Sx++){ 

if($x -lt 2) {write-host "Sx is Green" — 
foregroundcolor Green 

} 

else{ write-host "$x is yellow" -—foregroundcolor 
yellow 

} 


Listing 1-7Code Showing a for Loop 


EX Windows PowerShell 

C:\> for($x=1; $x -le 5; $x++){ 

>> if($x -1t 2){write-host "$x is Green” -foregroundcolor Green 
>>}, 

>>  else{ write-host “$x is yellow” -foregroundcolor yellow 


Figure I-11Showing a for loop 


While Loop 


The while loop is different because it lasts until the condition is true. 
Let’s go through some examples to get more clarity. 
The while loop also has two iterations: 


7 do-while 
. while 
For do-—while you do something until some condition is met. In 


Listing 1-8, variable x = 0 and inside the variable you increment its 
value until it is not equal to 4. See Figure 1-12 for the result. 


Note 


You are doing the thing first and matching the condition later. 


Sx= 0 


Do {$xt+ 
if($x -1lt 2) {write-host "Sx is Green" —- 
foregroundcolor Green 

} 
else{ write-host "Sx is yellow" —- 
foregroundcolor yellow 

} 

}while ($x -ne 4) 


Listing 1-8Code Showing a do-while Loop 


ES Windows PowerShell 


Figure 1-12Showing a do-while loop 
For while, you are also doing something until some condition 


is met. In Listing 1-9, variable x = 0 and inside the variable you 
increment its value until it is not equal to 4. 


Note 


You are checking first and doing the thing after that. 


The main difference between the two, as you can see, is the while loop 
(an example of which is shown in Listing 1-9) checks the condition before 
the loop (iteration) but do-—while does the checks after the execution. 
See Figure 1-13 for the result. 


Sx= 0 


while($x -ne 4) {$x++ 
if ($x -lt 2){write-host "$x is Green" - 
foregroundcolor Green 

} 

else{ write-host "$x is yellow" -— 
foregroundcolor yellow 

} 
} 


Listing 1-9Code Showing the while Loop 


EB Windows PowerShell 


Figure 1-13Showing a while loop 


Functions 


Functions are entities that, once defined, can be called anywhere in the 
script. Using functions avoids repetitive, lengthy code. Here’s a glimpse for 
better understanding. I will not go in any details about parametrization and 
advanced functionalities of a function as my main motive here is a little bit 
of understanding and combining the code together to get the work done. In 
Listing 1-10, you create an Add function to add two numbers. The result is 
shown in Figure 1-14. 


Function Add ($al, $b1l) 
{ 

Sal + Sbl 

} 


Listing 1-10Example Code Showing an Add Function of Two Numbers 
Add 5 6 # Call function 


ES Windows PowerShell 


Figure 1-14Showing an Add function of two numbers 


Similarly, you can create this for three or more numbers. See Listing 
1-11 and Figure 1-15. 


Function Add (S$al, $bl1, $cl) 
{ 

Sal + Sbl1 +$cl 

} 


Listing 1-11Example Code Showing an Add Function of Three Numbers 
Add 5 6 9 # Call function 


E Windows PowerShell 


Figure 1-15Showing an Add function of three numbers 


Summary 


In this chapter, you learned about PowerShell basics such as variables, 
arrays, if/else statements, and loops, which are the building blocks for 
creating powerful scripts in a production environment. These basics will be 


utilized further in the following chapters. 
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2. Date and Logs 


Vikas Sukhijai 


(1) 

Waterloo, ON, Canada 
To create scripts, it is essential to understand how to use the date and time 
cmdlet to timestamp different types of operations, such as creating a time- 
stamped log file. I will share a cheat function that you can utilize inside 
your scripts to create a time-stamped log as well as time-stamped entries 
inside the script. 

Let’s go through some date and time illustrations before utilizing the 
Write-Log function that I have already created for you. (This is the first 
actual cheat code that you will utilize in your scripts!) 

The get-date command provides you with the current date and 
time, as shown in Figure 2-1. 

EX Windows PowerShell 

:\> get-date 


nday, September 6, 2021 2:45:21 PM 


:\> 


Figure 2-1Showing the get-date cmdlet 


To format it in a manner that will allow it to be used in file names and 
other instances, the format keyword can be used as shown in Figure 2-2: 
get-date —-format d 


EX Windows PowerShell 
:\> get-date 


nday, September 6, 2021 2:47:37 PM 


:\> get-date -Format d 
/6/2021 
rib 


Figure 2-2Showing date formatting 


Listing 2-1 shows the date and time used in a file name. 


Sdate = get-date -format d # 

formatting 

Sdate = S$date.ToString().Replace("/", "-") # replace 

/ with - 

Stime get-date -format t # only show time 

Stime = Stime.ToString().Replace(":", "-") # replace 
with — 

Stime = Stime.ToString().Replace(" ", "") 


Sm = get-date 
Smonth = Sm.month #getting month 
Syear = Sm.year #getting year 


Listing 2-1Code for Date and Time Used in a File Name 
Examples: - (now gluing them all together) 


#based on date 
Slogl = ".\Processed\Logs" + "\" + "skipcsv_" + Sdate 


#based on month and year 
Slog2 = ".\Processed\Logs" + "\" + "Created_" + 
Smonth +"_" + Syear +"_.log" 


#based on date and time 
Soutputl = ".\" + "G_Testlog_" + $date + "_" + Stime 
+ "_.csv" 


Note 


Always define the current working folder. 


Date Manipulation 


You saw that get-—date can get you the current date and time. You can 
manipulate it according to the needs of your scripting solution. Here I will 
demonstrate briefly how to perform operations such as getting the first and 
last day of the month and getting a midnight date time stamp. 

To get the first and last day of the month, you can use the code in 
Listing 2-2. See Figure 2-3 for the results. 


Sdate= Get-Date -Day 01 
Slastday = ((Get-Date -day 
01) .AddMonths (1) ) .AddDays (-1) 


Sstart = Sdate 
Send = Slastday 


Listing 2-2Code for Fetching the First and Last Day of the Month 


E Windows PowerShell 


:\> $date= Get-Date -Day @1 

:\> $lastday = ((Get-Date -day 01) .AddMonths(1)).AddDays(-1) 
=\> 

:\> $start = $date 

:\> $end = $lastday 

:\> $start 


lednesday, September 1, 2021 2:56:25 PM 


:\> $end 


hursday, September 30, 2021 2:56:32 PM 


=\> 


Figure 2-3Showing the first and last day of the month 


To get the midnight stamp, simply use this one-liner (and see Figure 
2-4): 


E Windows PowerShell 
:\> Get-Date -Hour @ -Minute @ -Second @ 


onday, September 6, 2021 12:00:00 AM 


2\5 


Figure 2-4Showing how to get the midnight date time stamp 


Get-Date -Hour 0 -Minute 0 -Second 0 


Creating Folders Based on a Date 


There can be situations in the real world in which you want to create 
folders based on the current date, such as making a SharePoint 
configuration backup every day and placing it in the date stamp folder. 
Listing 2-3 shows the code that can be utilized to do this task and Figure 
2-5 shows the results. 


SDname = ((get-date) .AddDays (0) .toString('yyyyMMdd") ) 
#date manipulation 

SdirName = "ConfigBackup_SDname" #prefix for the 
folder 


New-Item -Path c:\temp -Name SdirName -ItemType 
directory 


Listing 2-3Code for Creating a Folder Structure Based on a Date 


:\temp> $Dname = ((get-date) .AddDays(®) .toString('yyyyMMdd')) 
:\temp> $dirName = “ConfigBackup_$Dname” 
:\temp> New-Item -Path c:\temp -Name $dirName -ItemType directory 


Directory: C:\temp 


de LastWriteTime Length Name 
----- 9/6/2021 2:59 PM ConfigBackup_20210906 
temp> 
= | te = O 
ome Share View 
=| x f-| [Sh 4 select all 
eB Ka @ Move to’ 3X Delete ~ ] in v| =f select 
Ww x fi- = ? Select none 
opy Paste [a Copy to =] Rename ere Las & invert <election 
»board Organize New Open Select 
ft | « OSDis.. > temp v oO Search temp 
exposure “ Name Date modified Type 
_— 1. ConfigBackup_20210906 9/6/2021 2:59PM _File folder 


Figure 2-5Creating a folder structure based on a date 


Ready-Made Date and Log 
Functions 


Here are three ready-made functions that you can copy and paste inside 
your scripts as per your requirements. Towards the end of this book, I will 
demonstrate how to create a complete script by using all the ready-made 
functions or code shared in this book. 

Write-Log function : It uses another function named New- 
FolderCreation, which can be used separately if required. See Listing 
2-4. 


function New-FolderCreation 


{ 


[CmdletBinding() ] 
param 
( 
[Parameter (Mandatory = Strue) ] 
[string] $foldername 
) 
Slogpath = (Get-Location).path + "\" + 
"Sfoldername" 
Stestlogpath = Test-—Path -Path Slogpath 
if (Stestlogpath -eq Sfalse) 
{ 
#Start—ProgressBar -Title "Creating $foldername 
folder" -Timer 10 
Snull = New-Item -Path (Get-—Location) .path -Name 
Sfoldername -Type directory 
} 


}#New-FolderCreation 


function Write-Log 
{ 

[CmdletBinding() ] 

param 

( 
[Parameter (Mandatory = Strue,ParameterSetName = 
"Create') 
[array] $Name, 
[Parameter (Mandatory = Strue,ParameterSetName = 
"Create') 
[string] SExt, 
[Parameter (Mandatory 
"Create') 
[string] $folder, 
[Parameter (ParameterSetName = 'Create',Position 
0)] [switch]$Create, 
[Parameter (Mandatory 
"Message') 
[String] $message, 
[Parameter (Mandatory 
"Message') 
[String] $path, 
[Parameter (Mandatory = $false,ParameterSetName = 
"Message') 


Strue,ParameterSetName = 


Strue, ParameterSetName 


Strue, ParameterSetName 


[ValidateSet ('Information', 'Warning', 'Error') ] 
[string]$Severity = 'Information', 
[Parameter (ParameterSetName = 'Message', Position 
= 0)] [Switch] $MSG 
) 
switch ($PsCmdlet.ParameterSetName) { 
"Create" 
{ 
Slog = @() 
Sdatel = Get-Date -Format d 
Sdatel = S$datel.ToString().Replace("/", "-") 
Stime = Get-Date -Format t 


wim) 


Stime = Stime.ToString().Replace(":", 

Stime = Stime.ToString().Replace(" ", "") 

New-FolderCreation -foldername S$folder 

foreach (Sn in SName) 

{Slog += (Get-Location) .Path + "\" + $folder + 
"A" + Sn + "_" + Sdatel + "_" + Stime + "_.SExt"} 

return Slog 


"Message" 
{ 
Sdate = Get-Date 
$Sconcatmessage = "|Sdate" + "| |" + $message 
+"| |" + "SSeverity|" 
switch (SSeverity) { 
"Information"{Write-Host —-Object 
Sconcatmessage —ForegroundColor Green} 
"Warning"{Write-Host -Object $concatmessage — 
ForegroundColor Yellow} 
"Error"{Write-Host -Object Sconcatmessage -— 
ForegroundColor Red} 


} 


Add-Content -Path $path -Value Sconcatmessage 


} 
} #Function Write-Log 

Listing 2-4Code for Write-Log Function 

To create a log file, you can simply use it as below (it will auto-create 
the folders): 


Slog = Write-Log -Name "Name-Log" -folder "logs" —Ext 
Ww log" 
To create a CSV file for report purposes, you can use it like so: 


SReportl = Write-Log -Name "MAM-Report" -—folder 
"Report" -Ext "csv" 
To write the information to a log file, you can use 


Write-log -Message "Connect to Intune" -path Slog 
To write a warning to a log file, you can use 


Write-log -Message "Connect to Intune" -path Slog - 
Severity Warning 
To write an error to a log file, you can use 


Write-Log —-Message "Error loading Modules" -path $log 
—-Severity Error 
Figure 2-6 shows the Write—Log operation in the PowerShell 


console. 

E Windows PowerShell 

:\temp> $log = Write-Log -Name “Name-Log" -folder “logs” -Ext “log” 

:\temp> $log 

:\temp\logs\Name-Log 9-6-2021 3-@2PM_.log 

:\temp> $Reportl = Write-Log -Name “MAM-Report™ -folder “Report™ -Ext “csv” 
:\temp> $Report1 

:\temp\Report\MAM-Report_9-6-2021_3-@3PM_.csv 
:\temp> Write-log -Message "Connect to Intune" -path $log 

| 09/06/2021 15:03:19] |Connect to Intune] [Information| 
:\temp> Write-log -Message "Connect to Intune™ -path $log -Severity Warning 


|@9/06/2021 15:03:28] |Connect to Intune| |Warning| 
:\temp> Write-Log -Message “Error loading Modules" -path $log -Severity Error 


|Error| 


09/06/2021 15:03:34] |Error loading Modules 


:\temp> 


Figure 2-6Write-Log operation 


The log file is created is under the logs folder and will create a 
structural log text as shown in Figure 2-7. 


his PC > OSDisk (C:) > temp > logs 


nN 


Name Date modified Type 


[=] Name-Log_8-11-2021_8-04AM_ 8/11/2021 8:05 AM Text Document 


| Name-Log_8-11-2021_8-04AM_ - Notepad = 
File Edit Format View Help 


||o8/11/2021 08:05:35] |Connect to Intune|  |Information| 
|@8/11/2021 @8:05:44| |Connect to Intune| |Warning] 
|@8/11/2021 08:05:52| |Error loading Modules|  |Error| 


Figure 2-7Log file created after using the Write-Log function 


Set-Recyclelogs function: This will delete the files based on a number 
of days as input. As logs accumulate over time, there is a need to recycle 
them after a certain period to avoid filling up server drives. This is 
important for all scripts for which you have enabled logging. Use the code 
in Listing 2-5. 


function Set-—Recyclelogs 


{ 
[CmdletBinding ( 
SupportsShouldProcess = $true, 
ConfirmImpact = 'High') ] 
param 
( 
[Parameter (Mandatory = $true,ParameterSetName = 
"Local') ] 
[string] $foldername, 
[Parameter (Mandatory = $true,ParameterSetName = 
"Local') ] 
[Parameter (Mandatory = $true,ParameterSetName = 
"Path'") ] 
[Parameter (Mandatory = $true,ParameterSetName = 


"Remote'") ] 
[int]Slimit, 


[Parameter (ParameterSetName = 'Local',Position = 
0)] [switch]$local, 


[Parameter (Mandatory = $true,ParameterSetName = 


"Remote ') 
[string] $ComputerName, 

[Parameter (Mandatory = Strue, ParameterSetName 
"Remote ') 
[string] $DriveName, 
[Parameter (Mandatory 
"Remote ') 
[string] $folderpath, 


Strue,ParameterSetName 


[Parameter (ParameterSetName = 'Remote',Position = 
0)] [switch] SRemote, 

[Parameter (Mandatory = Strue,ParameterSetName = 
"Path') ] 


[ValidateScript ({ 
if (-Not ($_ | Test-Path) ) {throw "File or 
folder does not exist"} 
return Strue 
})] 


[string] $folderlocation, 


[Parameter (ParameterSetName = 'Path',Position = 
0)] [switch]$Path 


switch (SPsCmdlet.ParameterSetName) { 
"Local" 
{ 
Spathl = (Get-Location).path + "\" + 
"Sfoldername" 
if ($PsCmdlet.ShouldProcess(Spathl , "Delete") ) 
{ 
Write-Host "Path Recycle —- Spathl Limit - 
Slimit" —-ForegroundColor Green 
Slimitl = (Get-—Date) .AddDays(-"Slimit") #for 
report recycling 
Sgetitems = Get-ChildItem -Path Spathl - 
recurse -file | Where-Object {$_.CreationTime -lt 
Slimit1} 
ForEach(Sitem in Sgetitems) { 
Write-Verbose —Message "Deleting item 
S$ (Sitem.FullName) " 


Remove-Item Sitem.FullName -Force 


} 
"Remote" 
{ 
Spathl = "\\" + S$ComputerName + "\" + 
SDriveName + "S$" + "\" + Sfolderpath 
if ($PsCmdlet.ShouldProcess(S$pathl , "Delete") ) 
{ 
Write-Host "Recycle Path - Spathl Limit - 
Slimit" —-ForegroundColor Green 
Slimitl = (Get-—Date) .AddDays(-"Slimit") #for 
report recycling 
Sgetitems = Get-ChildItem -Path Spathl - 
recurse -file | Where-Object {$_.CreationTime -lt 
Slimit1} 
ForEach(Sitem in Sgetitems) { 
Write-Verbose —-Message "Deleting item 
$(Sitem.FullName) " 
Remove-Item Sitem.FullName -Force 


"Path" 
{ 
Spathl = $folderlocation 
if ($PsCmdlet.ShouldProcess(S$pathl , "Delete") ) 
{ 
Write-Host "Path Recycle —- Spathl Limit - 
Slimit" -ForegroundColor Green 
Slimitl = (Get-—Date) .AddDays(-"Slimit") #for 
report recycling 
Sgetitems = Get-ChildItem -Path Spathl - 
recurse -file | Where-Object {$_.CreationTime -lt 
Slimit1} 
ForEach(Sitem in Sgetitems) { 
Write-Verbose —Message "Deleting item 
$(Sitem.FullName) " 
Remove-Item Sitem.FullName -Force 


} 


}# Set-Recycle logs 


Listing 2-5Code for the Set-Recyclelogs Function 
To recycle logs older than 10 days inside the logs folder in the 
current directory: 


Set—-Recyclelogs -foldername logs —-limit 10 
Use confirm: $false to avoid confirmation once you are sure that you 
want to delete the files: 


Set-Recyclelogs -foldername logs -limit 10 - 
confirm:$false 
Use verbose to check which files are getting deleted: 


Set—-Recyclelogs -foldername logs -limit 10 - 
confirm:$false -verbose 

You can specifiy the path as well if your script is in another directory and 
you want to delete logs in another folder structure: 


Set-Recyclelogs -folderlocation c:\temp\logs -limit 
10 
To recycle logs on a remote machine, use the following syntax: 


Set-—Recyclelogs -ComputerName testmachine — 
DriveName c -folderpath data\logs -limit 10 
Set-ProgressBar function: This function is just to show the progress bar 
when you want to pause for some time. See Listing 2-6 and Figure 2-8. 


function Start-—ProgressBar 


{ 


[CmdletBinding() ] 

param 

( 
[Parameter (Mandatory = Strue) ] 
STitle, 
[Parameter (Mandatory = Strue) ] 


[int]$Timer 


For ($i = 1; Si -le S$Timer; $i++) 
{ 
Start—Sleep -Seconds 1; 
Write-Progress -Activity S$Title -Status "Si" - 
PercentComplete (Si /100 * 100) 
} 


} #Function Start—ProgressBar 


Listing 2-6Code for Start-ProgressBar Function 


Start-ProgressBar -Title “Test timeout” -Timer 30 
E Windows PowerShell 


:\temp> Start-ProgressBar -Title “Test timeout" -Timer 30 


Figure 2-8Start-ProgressBar with a timer of 30 seconds 


You can use a simple timeout as well, which is built in (see Figure 2-9): 


timeout 10 
E3 Windows PowerShell 
:\temp> timeout 30 


jaiting for 25 seconds, press a key to continue ... 


Figure 2-9Built-in timeout cmdlet 


Summary 


In this chapter, you learned about the date and logs cmdlet and how to 
manipulate and use the format of dates to generate time-stamped folders 
and files. This technique will help you in different scenarios such as 
creating log files or log folders every day with a date/time stamp inserted 
into the 

file name. 
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3. Input to Your Scripts 


Vikas Sukhijai 


(1) 

Waterloo, ON, Canada 
There are many situations in the practical system administration world in 
which you have to feed your scripts with inputs. Examples are reading a 
text file that has a list of users and adding them to a specific Active 
Directory group, or reading a CSV file that includes user attributes like 
phone number, title, and department, and updating these attributes in 
Active Directory. In this chapter, you will look at the different ways of 
feeding your scripts with different types of inputs. 


Import-CSV 


Import—CSV is the most-used method for providing a script with a CSV 
file to read and it is further used to perform bulk operations using loops. 
To demonstrate, let’s create a small CSV file (save it as 
samplecsv.csv) in the format shown in Figure 3-1 and then print the 
contents. See Listing 3-1 for the code. 
A B G 
User email title 


Vikas Sukhija_ svikas@techwizard.cloud [Blogger l 
|Pradip Sukhija sukhijap@techwizard.cloud sysadmin 


Figure 3-1Example CSV file 


Sdata = import-csv c:\temp\samplecsv.csv #Import 
CSV in variable data 


foreach (Si in Sdata) { 
Write-host Si.user -—foregroundcolor green #printing 
column user 
Write-host Si.email -foregroundcolor yellow 
#printing column email 
Write-host Si.title -foregroundcolor magenta 
#printing column title 
} 

Listing 3-1Code for Import-CSV 

Figure 3-2 shows the Import-—CSV operation in PowerShell. If you 
are in the same folder, you can use dot source instead of the full path 
shown in screenshot: 


Sdata = import-csv .\samplecsv.csv # .\ means current 
directory 


:\temp> $data = import-csv .\samplecsv.csv 
:\temp> foreach ($i in $data) { 

>> Write-host $i.user -foregroundcolor green 
>> Write-host $i.email -foregroundcolor yellow 
>> Write-host $i.title -foregroundcolor magenta 


Figure 3-2Showing the Import-CSV operation by dot sourcing (.\) 


Importing from a Text File 


There are scenarios in which you get data in a text file, such as a server list 
or a user list, one name at a time, and you want to perform a certain 


operation on the data. 

Figure 3-3 shows the printing of each server from a file named 
servers.txt file onto the screen. (Get—content is the cmdlet used 
for reading text files; see Listing 3-2.) 


(F) servers.txt - Notep.. 2 |S) 28 | 


File Edit Format View Help 


serverOl a 
server02 
server03 
server04 


Figure 3-3Example text file contents 


Sservers = Get-content .\servers.txt 
$servers | foreach-object { 
Write-host $_ 

} 


Listing 3-2Code for Reading from a Text File 
Save the code ina .ps1 file and run it or just paste it in the 
PowerShell console. See Figure 3-4. 


@ Windows PowerShell in 


IPS C2\scripts> .\importxt-.psl 
server@1 
serve rG2 
serve rB3 


serve rB4 
IPS Cz\scripts> 


Figure 3-4Reading from a text file operation in PowerShell 


Input from an Array 


You can do the same thing with array that you have done with text file. Say 


you have array of servers and you want to print it on the screen. See Listing 
3-3. 


Sservers = 
@("server01","server02","server03","server04") #array 


of servers 


$servers | foreach-object { 
Write-host $_ -foregroundcolor yellow 
} 


Listing 3-3Code for Reading from an Array and Printing It 
Running this script will show the results in Figure 3-5. 


:\temp> $servers = @("server@1",“server@2", “server@3", “server@4”™) 
:\temp> 

:\temp> $servers | foreach-object { 

> Write-host $  -foregroundcolor yellow 


Figure 3-5Showing the printing of an array 


Summary 


In this chapter, you learned how to feed scripts with input either through a 
text file, CSV file, or an array. There are advanced ways to input your 
scripts but the ways mentioned in this chapter are common and are used 
every day in the system administration world. 
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4. Interactive Input 


Vikas Sukhijai 


(1) 

Waterloo, ON, Canada 
This chapter will provide examples where you can add interactive input to 
your scripts (i.e., the script will ask for input such as entering a password or 
another attribute such as the path of a CSV or text file). 


Read-host 


You have used Write-—host for printing value to the screen. Now you 
canuse Read-host to get values that are input by a user on the screen: 


Sx =Read-host "input your Name" 
The value of your input is saved in an $x variable so you can use it in 
the script for further processing, as shown in Figure 4-1. 


EY Windows PowerShell 


x =Read-host “input your Name” 
input your Name: Vikas Sukhija 
2\> 
ikas Sukhija 


Figure 4-1Read-host operation 


Another option is to specifically use the —prompt parameter. There is 
no difference in how you use it. See Figure 4-2. 


SAge =Read-host -prompt "input your Age." 


E Windows PowerShell 


:\temp> $Age =Read-host -prompt “input your Age” 
input your Age: 31 
: \temp> 


Figure 4-2Read-host operation specifying the -prompt 


-assecurestring is used when you want to input a password securely: 


SPassword = Read-Host -assecurestring "Enter your 
password" 

Here as well the value of the password entered is saved in the 
$Password variable that you can use it in the script for further 
processing, such as authentication to some service like Office 365. See 
Figure 4-3. 

E3 Windows PowerShell 


:\temp> $Password = Read-Host -assecurestring “Enter your password” 
nter your password: ******** 

:\temp> $Password 

ystem. Security .SecureString 

:\temp> 


Figure 4-3Read-host operation for a password as an input 


Parameters 


In a PowerShell command, functions are scripts that rely on parameters so 
that a user can either enter values or select options. I will briefly touch on 

basic parametrization. (Advanced parameters are outside the scope of this 

book.) See Listing 4-1. 


Param ( 
[string]$firstname, 
[string] $lastname, 
[string]S$title 


Write-host "First Name: Sfirstname" -ForegroundColor 
Yellow 

Write-host "Last Name: Slastname" -ForegroundColor 
Yellow 

Write-host "Title: $Title" -ForegroundColor green 


Listing 4-I1Example Code Showing Use of Parameters 
Save this asa .ps1 file and run it as follows (and see Figure 4-4): 


.\script.psl -firstname Vikas -lastname sukhija - 
title blogger 


E Windows PowerShell 


:\temp> .\script.psi -firstname Vikas -lastname Sukhija -title blogger 
irst Name: Vikas 


ast Name: Sukhija 
itle: blogger 
:\temp> 


Figure 4-4Script execution with parameters 


Tip 


Make sure you define the parameters at the beginning of your script. 


GUI Button 


Here is a cheat code (function) in case you want interactive input in the 
form of a graphical user interface. I consider it as a fancy way to get input 
from the user. The button function in Listing 4-2 can take inputs from the 
Windows form that you can display on a screen or perform other desired 
operations in your script. 


function button (Stitle,$mailbx, SWF, STF) 
{ 

HHTHETHTTEEPEPPEP EFLOad Assembly for creating form 
& button#t#ttttt 

[void] 
[System.Reflection.Assembly]::LoadWithPartialName ( 
"System.Windows.Forms") 

[void] 


[System.Reflection.Assembly] ::LoadWithPartialName ( 
"Microsoft.VisualBasic") 


#####Define the form size & placement 

Sform = New-Object "System.Windows.Forms.Form"; 

Sform.Width = 500; 

Sform.Height = 150; 

Sform.Text = Stitle; 

Sform.StartPosition = 
[System.Windows.Forms.FormStartPosition]::CenterScreen; 


HEEHHHHEPH HH HEHDe£ine text labell 
StextLabell = New-Object 
"System.Windows.Forms.Label"; 
StextLabell.Left = 25; 
StextLabell.Top = 15; 


StextLabell.Text = S$mailbx; 


HHHEHHHHHHHHEHHHDeLine text label2 


StextLabel2 = New-Object 
"System.Windows.Forms.Label"; 

StextLabel2.Left = 25; 

StextLabel2.Top = 50; 


StextLabel2.Text = SWF; 


HHHHHHEHHEHEHHDefine text label3 


StextLabel3 = New-Object 
"System.Windows.Forms.Label"; 

StextLabel3.Left = 25; 

StextLabel3.Top = 85; 


StextLabel3.Text = STF; 


Htteeettit it Define text boxl for input 

StextBoxl = New-Object 
"System.Windows.Forms.TextBox"; 

StextBoxl.Left = 150; 

StextBoxl.Top = 10; 

StextBoxl.width = 200; 


Httetettit i Define text box2 for input 


StextBox2 = New-Object 
"System.Windows.Forms.TextBox"; 
StextBox2.Left = 150; 
StextBox2.Top = 50; 
StextBox2.width = 200; 


Htteeettit it Define text box3 for input 


StextBox3 = New-Object 
"System.Windows.Forms.TextBox"; 
StextBox3.Left = 150; 
StextBox3.Top = 90; 
StextBox3.width = 200; 


Hteetetttt te tDefine default values for the input 
boxes 

SdefaultValue = "" 

StextBoxl.Text = SdefaultValue; 

StextBox2.Text = SdefaultValue; 

StextBox3.Text SdefaultValue; 


HHtHHHH HEHE HHdefine OK button 

Sbutton = New-Object "System.Windows.Forms.Button"; 
Sbutton.Left = 360; 

Sbutton.Top = 85; 

Sbutton.Width = 100; 

Sbutton.Text = "Ok"; 


HHHHHHHHHHHHEHE This is when you have to close the 
form after getting values 
SeventHandler = [System.EventHandler] { 
StextBoxl.Text; 
StextBox2.Text; 
StextBox3.Text; 
Sform.Close(); 
i 


Sbutton.Add_Click(SeventHandler) ; 


HEEFEHHEHHHHHAGUA controls to all the above objects 
defined 


Sform.Controls.Add(S$button) ; 


( 
Sform.Controls.Add($textLabell); 
Sform.Controls.Add(StextLabel2) ; 
Sform.Controls.Add($textLabel13) ; 
Sform.Controls.Add(StextBoxl1) ; 

( 


Sform.Controls.Add(StextBox2) ; 
Sform.Controls.Add(StextBox3) ; 
Sret = Sform.ShowDialog(); 


HHEHHETHHE HHH EHH HC]|etUurN Values 


return StextBoxl.Text, StextBox2.Text, 
StextBox3.Text 
} #button 


Listing 4-2Code for Input from a GUI Button 
Load this function into your script, and then you can perform the 
operations on the inputs as shown: 


Sreturn= button "Enter Folders" "Enter mailbox" 
"Working Folder" "Target Folder" 


You can choose different names per your requirements. See Figure 4-5. 
E® Windows PowerShell 


:\temp> $return= button “Enter Folders" “Enter mailbox" “Working Folder" “Target Folder” 


a! Enter Folders 


Enter mailbox |mailbox01 


Working Folder lies 


Target Folder he =r) 


Figure 4-5GUI button input 


After you press the OK button, the $return variable contains all 
these values in the array (see Figure 4-6): 


Sreturn[0] - Enter mailbox value 
Sreturn[1] - Working folder value 
Sreturn[2] > Target Folder value 


E3 Windows PowerShell 


:\temp> $return= button “Enter Folders” “Enter mailbox" “Working Folder" “Target Folder" 
:\temp> $return[@] 

ailbox@1 

:\temp> $return[1] 

est 

:\temp> $return[2] 

est2 

:\temp> 


Figure 4-6Showing values returned from the user input 


You can also print to the screen in the same manner as shown 
previously (see Figure 4-7): 


Write-host "Enter mailbox : $(Sreturn[0])" 
ForegroundColor Yellow 

Write-host "Working folder : $(Sreturn[1])" 
ForegroundColor Yellow 

Write-host "Target Folder : $(Sreturn[2])" - 
ForegroundColor green 


E Windows PowerShell 


:\temp> Write-host "Enter mailbox : $($return[@])" -ForegroundColor Yellow 
nter mailbox : mailbox@1 

:\temp> Write-host “Working folder : $($return[1])" -ForegroundColor Yellow 
lorking folder : test 

:\temp> Write-host “Target Folder : $($return[2])" -ForegroundColor green 
arget Folder : test2 

:\temp> 


Figure 4-7Printing the values from the input using Write-host 


Prompt (Yes or No) 


There are practical situations when as a system administrator you want to 
build a nice way to get a Yes/No response from the users. You can do this 
easily with PowerShell utilizing the cheat code in Listing 4-3. 


Soverwrite = New-Object -comobject wscript.shell 


SAnswer = Soverwrite.popup("Do you want to Overwrite 
AD Attributes?",0,"Overwrite Attributes", 4) 


If (SAnswer -eq 6) {Write-Host "you pressed Yes" — 
ForegroundColor Green} 
else{Write-Host "you pressed Yes" 
Red} 
Listing 4-3Code for a Yes/No Operation 
Copy and paste the code into the PowerShell console or save the script 

asa .psi file and run it. See Figure 4-8. 

EB Windows PowerShe 

C:\temp> .\script.ps1 


-ForegroundColor 


Overwrite Attributes 


Do you want to Overwrite AD Attributes? 


Figure 4-8Showing a Yes/No operation in PowerShell 


If you press Yes, you get the result shown in Figure 4-9. 
E Windows PowerShell 
C:\temp> .\script.psi 
you pressed Yes 
C:\temp> 


Figure 4-9Showing the Yes operation 


If you press No, you get the result shown in Figure 4-10. 
E Windows PowerShell 
C:\temp> .\script.ps1 
you pressed Yes 
C:\temp> .\script.ps1 
you pressed Yes 
C:\temp> 


Figure 4-10Showing the No operation 


Instead of just Write—-host you can perform different operations 
inside your script based on the response selected by the user. 


Summary 


In this chapter, you learned about interactive inputs. This strategey is 
utilized when you have to provide the script to an end user. The end user 
can just run the script. Questions that are coded by the scripter pop up 
interactively and the user can answer them and perform a meaningful job. 
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Microsoft and other third-party vendors have built PowerShell snapins or 
modules for their different products. To use the PowerShell cmdlets for 
these technologies, you have to either add the snapins or import the 
modules in your scripts. 

PowerShell snapins are legacy products because nowadays everything 
comes as modules. You can consider a module as a battery that is required 
to run your scripts. Each module is a package that contains cmdlets, 
providers, functions, aliases, and more. 

Although snapins are legacy, let’s touch on them briefly, showing the 
products that use(d) them. 


PowerShell Snapins 


Exchange Sever itself is the better example to show for PowerShell 
snapins. Exchange 2007 and 2010 both used snapins. 

To add an Exchange snapin to your scripts, you can use following code. 
(Examples of Exchange 2007 and 2010 snapins are in Listing 5-1 and 
Listing 5-2, respectively.) As these products are officially at end-of-support 
status, the usage might be rare (they’re only applicable for organizations 
that have not upgraded yet). 


Note 


Exchange management binaries should be installed first on the machine 
or the snapin will not work. 


If ((Get-PSSnapin | where {$_.Name -match 
"Exchange.Management"}) -eq $null) 
{ 

Add-PSSnapin 
Microsoft.Exchange.Management.PowerShell.Admin 


} 
Listing 5-1Code to Add the Exchange 2007 Management Shell 


If ((Get-PSSnapin | Where-Object { $_.Name -match 
"Microsoft.Exchange.Management.PowerShell.E2010" }) - 
eq $null) { 

Add-PSSnapin 
Microsoft.Exchange.Management .PowerShell.E2010 
} 


Listing 5-2Code to Add the Exchange 2010 Management Shell 
After the snapin has been added to the session or the script, it can run 
the Exchange commands inside the window, as shown in Figure 5-1. 


jndowsPower! EE INv4.0\ oe ewers as 


S.c ‘Ge t-PSSnapin Obje ‘oft .Exchange .Management .PowerShel1. 
>> } ” add PSSnapin ticrosoft. Exchange: Tanageaent Sronershelt. £2010 

>> 

>> ; . : 
IPS C:\> Get-Mailbox test* | ft Name, Alias, ProhibitSendQuota -AutoSize 
Name Alias ProhibitSendquota 

rest Hailbox 2016 TestMailbox2016 unlimited 

est Mailbox: test .mailbox2 unlimited 

test DMZ test1DMzZ unlimited 

ltest2DMZ pest 2DNe 2 KE (2, cae bytes) 

Itestaccoun' estaccoun: un] imite 

[Testing Nai 1hox2010 Test ah gnat Ibox2010 undimited 

|Mailbox, Test test .mailbox unlimited 


IPS c:\> 


Figure 5-1Exchange Management Shell 


You can also use get—-pssnapin in the PowerShell shell window to 
check which snapin is available. 

In Figure 5-2, I want to take advantage of the Quest shell, so I use 
get—pssnapin in the Quest AD shell to find out the snapin name. 


[[PS] Cz: \CodRepo\Projects>Get-Pssnapin 


Microsoft .PowerShe11.Core 
62.1; 


Jame : 
Paversion : 5.1.18362. . 7 
scription : This Windows Powershell snap-in contains cmdlets used to manage components of windows PowerShell. 


Jame : Quest.ActiveRoles .ADManagement 
Ssversion : 2.0 | sj % Z : “ 
escription : This Windows PowerShell snap-in contains cmdlets to manage Active Directory and Quest One ActiveRoles. 


[PS] C:\CodRepo\Projects> 


Figure 5-2Quest AD Management Shell 


Listing 5-3 shows how to add the snapin to the PowerShell script or 
session using the same technique as for the Exchange product. 


If ((Get-PSSnapin | where {$_.Name -match 
"Quest .ActiveRoles"}) -eq Snull) 


{ 
Add-PSSnapin Quest.ActiveRoles.ADManagement 


Listing 5-3Code to Add the Quest AD Management Shell 


Note 


The above code to add a snapin first checks to see if the snapin already 
exists. If so, it does nothing. If not, it adds the required snapin. 


Modules 


Let’s cover modules now as this is what you will deal with in your day-to- 
day work. Per Microsoft, “a module is a package that contains PowerShell 
members, such as cmdlets, providers, functions, workflows, variables, and 
aliases. The members of this package can be implemented in a PowerShell 
script, a compiled DLL, or a combination of both. These files are usually 
grouped together in a single directory.” 

For the PowerShell scripting language, we need modules to interact 
with different products, such as Azure, Office 365, Exchange Online, and 
so on. 

PowerShell Gallery (www.powershellgallery.com/) is the de 
facto repository that contains almost all of the modules that anyone can 
utilize. 

To install a module on your machine from PowerShell gallery, use this 
code: 


Install-Module -Name AzureAD 
Enter yes (as shown in Figure 5-3) when you receive the prompt to install 
the module. 


E3 Windows PowerShell 

:\temp> Install-Module -Name AzureAD 
intrusted repository 

ou are installing the modules from an untrusted repository. If you trust this repository, change its Installatia 
lu sure you want to install the modules from 'PSGallery'? 

[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): 


Figure 5-3\nstalling a module from PowerShell Gallery 


When you install the module on your machine it will get stored in C: 
\Program Files\WindowsPowerShell\Modules as depicted in 
Figure 5-4. 


vard Organize New Open 


> ThisPC > OSDisk (C:) > Program Files > WindowsPowerShell 


aA 
Aw 


ms Name Date modified Type Siz 
ee 1 Configuration 3/18/2019 11:52 PM File folder 

| Modules 6/21/2021 11:54 A... File folder 

1 Scripts 9/7/2020 7:17 PM File folder 


Figure 5-4Module path on the computer 


There may be a situation where a developer has developed a new 
version of the module and you want to update your machine with this 
newer version. Use one of the following commands to upgrade the existing 
module: 


Update-Module —-Name AzureAD 
or 


Install-—Module -Name AzureAD -force (this will 
also upgrade the module to latest version) 
With update you can also update the module to a specific version: 


Update-Module —-Name AzureAD -—-RequiredVersion 1.0.1 
Removing the module is a simple operation and can be done as shown in 
the following cmdlet: 


Remove-Module AzureAD 

After you have installed the module, which is a one-time task, and you 
want to utilize that module in your scripts, you can do so by using the 
Import—Module command. 


Note 


After PowerShell V3, modules are loaded automatically when the first 
cmdlet from that module is run from the script. 


You can still follow the practice of importing the modules in your script 
before running a command: 


Import-—Module AzureAD 


To get all of the modules installed on your machine, you can use the 
following code (the results are shown in Figure 5-5): 
Get-Module -ListAvailable 


3 Windows PowerShell 
{:\temp> Get-Module -ListAvailable 


Directory: C:\OneDrive\OneDrive - Boston Scientific\IMP\Documents \WindowsPowerShel1\Modules 


loduleType Version Name ExportedCommands 


Script 1.4.7 PackageManagement {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource...} 


Directory: C:\Program Files \WindowsPowerShel1\Modules 


loduleType Version Name ExportedCommands 
script 2.2.3 Az.Accounts {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataColleq 
cript ey Pe Az.Accounts {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataColleq 
cript 1.2.1 Az. Advisor {Get-AzAdvisorRecommendation, Enable-AzAdvisorRecommendation, arnaeal 
cript 2.0.1 Az.Aks {Get-AzAksCluster, New-AzAksCluster, Remove-AzAksCluster, Import-AzAksCri 
cript 1.0.3 Az.Aks {Get-AzAks, New-AzAks, Remove-AzAks, Import-AzAksCredential. ..} 
cript ey Az.AnalysisServices {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get- 
Script a's2 Az.AnalysisServices {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get- 
cript 2.2.8 Az. ApiManagement {Add-AzApiManagementApiToGateway, Add-AzApiManagementApiToProduct, Add-Az| 
cript 1.4.8 Az. ApiManagement {Add-AzApiManagementApiToProduct, Add-AzApiManagementProductToGroup, Add- 
i 1.0.0 Az. AppConfiguration {Get-AzAppConfigurationStore, Get-AzAppConfigurationStoreKey, New-AzAppCo| 
i 1.1.8 Az. ApplicationInsights {Get-AzApplicationInsights, New-AzApplicationInsights, Remove-AzApplicati| 


Figure 5-5Showing a list of available modules on the computer 


Cheat Module (vsadmin) 


Since this book is about cheat codes to create complex scripts, here is a 
cheat module that is full of functions that you can utilize to do complex 
operations inside your scripts. I recently created this module for the 
community to help them with scripting. I update it to newer versions from 
time to time as features change for different products. 

Module name: vsadmin 

Installing the module (see Figure 5-6): 


Install-Module -Name vsadmin 
E® Windows PowerShell 
{¢:\temp> Install-Module -Name vsadmin 


ecpesiage repository 

ou are installing the modules from an untrusted repository. If you trust this repository, 
you sure you want to install the modules from ‘PSGallery'? 

[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): 


Figure 5-6Installing the vsadmin module 


Once installed, you will find files created inside your module’s 


directory (C:\Program Files\WindowsPowerShell\Modules) 


as depicted in Figure 5-7. 
Program Files > WindowsPowerShell > Modules > vsadmin > 1.1 


Name Date modified 

=) GeneralFunctions.ps1 7/18/2020 3:30 PM 
=) 0365.ps1 7/18/2020 3:30 PM 
& vsadmin.psd1 7/18/2020 3:30 PM 
©) vsadmin.psm1 7/18/2020 3:30 PM 


Figure 5-7Showing files inside the vsadmin module 


As stated, you can import the module in to the session using import- 
module like so: 


import-—module vsadmin 
Figure 5-8 shows the commands that are available inside the 
vsadmin module. You can use the following command to check functions 
and cmdlets in any module: 


Get-Command -Module vsadmin 


E3 Windows PowerShell 
:\temp> Get-Command -Module vsadmin 
ommandType Name Version Source 
Function Get-ADGroupMembersRecursive 3.0 vsadmin 
Function Get-ADUserMemberOf 3.0 vsadmin 
Function Get-Auth 3.0 vsadmin 
Function Get-IniContent 3.0 vsadmin 
Function Group-Validate 3.0 vsadmin 
Function LaunchCOL 3.0 vsadmin 
Function LaunchEOL 3.0 vsadmin 
Function LaunchEXOnprem 3.0 vsadmin 
Function LaunchMSOL 3.0 vsadmin 
unction LaunchSOL 3.0 vsadmin 
unction LaunchsPO 3.0 vsadmin 
Function New-FolderCreation 3.0 vsadmin 
Function New-RandomPassword 338 vsadmin 
unction RemoveCOL 3.0 vsadmin 
Function RemoveEOL 3.0 vsadmin 
Function RemoveEXOnprem 3.0 vsadmin 
unction RemoveMSOL 3.0 vsadmin 
Function RemoveSOL 3.0 vsadmin 
Function RemoveSPO 3.0 vsadmin 
Function Save-CSV2Excel 3.0 vsadmin 
Function Save-EncryptedPassword 3.0 vsadmin 
Function Send-Email 3.0 vsadmin 
Function Set-Recyclelogs 3.8 vsadmin 
Function Start-ProgressBar 3.0 vsadmin 
Function Test-vsadmin 3.8 vsadmin 
unction Write-Log 3.0 vsadmin 
\temp> 


Figure 5-8Available vsadmin module commands 


Let’s explore Office 365 functions and then we will move on to other 
system admin functions that you can utilize daily. 


° LaunchEOL/RemoveEOL (Exchange Online) 

° LaunchSOL/RemoveSOL (Skype online) 

° LaunchSPO/RemoveSPO (SharePoint online) 

* LaunchCOL/RemoveCOL (Security and Compliance) 

° LaunchMSOL/RemoveMSOL (MSonline Azure Active Directory) 

* LaunchEXOnprem/RemoveEXOnprem (for on-premise Exchange 
Server) 


Three of the Office 365 functions are prefixed so that they do not 
conflict with on-premise commands and are easy to use/understand in a 
hybrid script. For example, the Exchange Online command get-— 
mailboxis get—EOLmailbox when you use this module to launch it, 
as shown later. 


Note 
The following native Office 365 modules are necessary for the Office 


365 functions in the vsadmin module to work, or it will ask you to 
install them. 


ExchangeOnlineManagement, www.powershellgallery.com/ 
packages /ExchangeOnlineManagement 

Sharepoint Online, www.microsoft.com/en-ca/download/ 
details.aspx?id=35588 

MSOnline Module, www.powershellgallery.com/ 
packages/MSOnline 

Skype Online (Retired) All cmdlets are under the Teams Module at 
www.powershellgallery.com/packages/ 
MicrosoftTeams 


For example, you can use LaunchEOL if you just want to connect to 
Office 365 Exchange online. It will prompt you for authentication and, 
once authenticated, you will get connected. It will check if the Exchange 
Online Management Shell is installed on your computer or not. If not, it 
will provide you with a hint. See Figure 5-9. 


Sign in to your account 


BE Microsoft 
Sign in 
adminj@techwizard.cloud 


No account? Create one! 


Can't access your account? 


Sign-in options 


Figure 5-9Authentication prompt by Office 365 


Figure 5-10 shows that you are connected and can use the Exchange 


commands. 

E3 Windows PowerShell 

{c:\temp> LaunchEOL 

{c:\temp> Get-EOLMailbox 

Name Alias Database ProhibitSendQuota 
mit .Maurya Amit .Maurya NAMPR1@DG@86-dbe8s 99 GB (106,300,44... 
iscoverySearchMailbox... DiscoverySea... NAMPR1@DG@55-dbe84 5@ GB (53,687,091... 
marcFailures DmarcFailures NAMPR10DG194-db067 49.5 GB (53,150,2... 
marcReports DmarcReports NAMPR1@DG@04-db@25 49.5 GB (53,150,2... 
Gaba GGaba NAMPR1@DG@08-dbe@69 99 GB (106,300,44... 

linfo info NAMPR1@DG@20-dbe20 49.5 GB (53,150,2... 

gaba Jgaba NAMPR1@DG139-db134 99 GB (106,300,44... 
Gaba PGaba NAMPR1@DG131-db@97 99 GB (106,300,44... 
ukhijaPradip ps4cloud NAMPR1@DG264-dbe41 99 GB (106,300,44... 

Irohit.singla rohit.singla NAMPR1@DG@64-db107 99 GB (106,300,44... 

Gaba SGaba NAMPR1@DG@09-dbe67 99 GB (106,300,44... 

TKhetarpal TKhetarpal NAMPR1@DG271-db112 99 GB (106,300,44... 

lsukhijavikas sukhijavikas NAMPR1@DG194-dbe@51 99 GB (106,300,44... 


Figure 5-10Exchange Online Management Shell prefixed Get-MailBox command 


If you want to use these commands in a script without entering a 
password every time (a technique you will learn after finishing this book), 
LaunchEOL -—Credential can be used by passing PS credentials. 

Similarly, you can use other functions because they are designed in a 
similar manner. For example, use this code and see the results in Figure 
5-11: 


LaunchSPO -orgName techwizard 
E Windows PowerShell 

:\temp> LaunchSPO -orgName tcs 
Enter Sharepoint Online Credentials 

:\temp> Get-SPOSite 


rl Owner Storage Quota 


ttps://tcs.sharepoint.com/portals/Channel1 1048576 
ttps://tcs.sharepoint.com/sites/TechWizardTraining 1048576 


Figure 5-11Showing a connection to SharePoint Online using LaunchSPO 


Tip 


Pressing Tab on a keyboard after pressing the hyphen will show you the 
parameters available for any function in PowerShell. 


To disconnect the session, you can use the following functions: 

RemoveEOL/RemoveSOL/RemoveSPO, etc. 

Other good functions that system administrators really like are the 
LaunchEXOnprem/RemoveEXOnprem functions as they are for on- 
premise Exchange servers. To connect to an Exchange on-premise server 
from your network, use this code: 

LaunchEXOnprem -psurl http:// 
exchangeserver.techwizard.cloud/Powershell 

or 


LaunchEXOnprem -—ComputerName 
exchangeserver.techwizard.cloud 
To disconnect, use the same technique you used for Office 365 functions: 


RemoveEXOnprem -computername 
exchangeserver.techwizard.cloud 


Let’s now discuss generic functions inside this module. In Chapter 2, 
Write-Log, Set-recyclelogs, start-—progressbar and other 
cheat function were shared. These functions are part of this module as well, 
so you do not have to copy and paste them in your scripts if you are 
importing this module in the script. See Listing 5-4 and Figure 5-12. 


Import-—Module vsadmin 


Slog = Write-Log -Name "log_file" -folder logs —-Ext 
log 


Write-Log -Message "Information.......... Script" — 
path Slog #default will log as information 
Write-Log —-Message "warning......... Message" -path 
Slog -Severity Warning #you can display warning using 
the severity 

Write-Log -Message "error......... Error" —path $log - 
Severity error #you can display error using the 
severity 


Listing 5-4Importing vsadmin and Using the Write-Log Function 


Home Share View 
=| [] w [@Movetoy X Delete ~ | Th \v| Q~  Hsetect a 
= We) tas J Select none 
eae: Copy Paste al |Scopy to> sh Rename Ae ODE es b eo) lntertcelecion 
Clipboard Organize New Open Select 
» 4 1 > ThisPC > OSDisk(C:)) > temp > logs v| Oo P Search lo.. 
DB 3D Objects “Name Date modified Type 
I Desktop |) log_file_8-23-2021_11-32AM_ 8/23/2021 11:32 AM Text Docume 
| Documents 
@ Downloads a log_file_8-23-2021_11-32AM_ - Notepad - | | 
2 Music File Edit Format View Help 
© Pictures |]}o8/23/2021 11:32:23| | Information ee eee: Script | |Information| 
; |98/23/2021 11:32:23| [War hENGsicnicsisines Message| |Warning| 
EB Videos 08/23/2021 11:32:23| lerror......... Error| error] 


S29 OSDisk (C:) 


Figure 5-12Showing the result of executing Listing 5-4 
In a similar fashion, you can create a CSV file: 


Sreport = Write-Log -Name "log_Enable" -folder 
reports -Ext csv 

I will not get into the other functions that have been shared in previous 
chapters. I just wanted to show that they can all be used in this manner as 
well. 


Encrypting a Password (vsadmin) 


You can encrypt a password and later utilize in it the script to connect to 
online services like Office 365 and Azure as follows (see Figure 5-13 for 


the result): 


Save-EncryptedPassword -password "testpassword" -path 
c:\temp\passwordl.txt 


Ic:\temp> Save-EncryptedPassword -password “testpassword" -path c:\temp\password1.txt 


Share View 


[] ® [gmMoveto~ %X Delete ~ | ‘oO Be @~ select alt 


Ww . ii: Select none 


ck Copy Paste (Dcopyto- =fRename New BropeHiet 


oO _ 
folder Go Invert selection 


Clipboard Organize New Open Select 
v f | « OSDis.. > temp d Search temp 


| dataexposure “ Name Date modified Type 


) Documents 


| password 1.txt 9/7/2021 1:09 PM Text Document 


Do neten. 


7 password 1.txt - Notepad 


File Edit Format View Help 
preeeaeedescoddfe115d1118¢7aeece4fc297ebe100009@beaasb5578786b4286d1d5FE8aa7e85a00000000020008 


Figure 5-13Encrypting a password using the save-encrypted command 


get—auth is another important function that you can use in your 
scripts to read credentials from the encrypted text file that you created 
above. You use it as follows: 


Scred get-auth —-userlId sukhija@techwizard.cloud — 
passwordfile c:\temp\password1.txt 
Spwd = Scred[0] ### credentials that can be used 
inside csom /api calls. 
Spscredential = $cred[1] ###credentials that can be 
used for functions that supports ps credentials. 

or 


Scred get-auth -userId sukhija@techwizard.cloud — 

password "“encryptedpassword" 

Spwd = Scred[0] ### credentials that can be used 

inside csom /api calls. 

Spscredential = $cred[1] ###credentials that can be 

used for functions that supports ps credentials. 
Let’s use a small cheat code snippet to connect to Office 365 using the 

PS credentials saved in the file and export a CSV report on mailboxes. 


(This can be modified and scheduled as per your needs.) See Listing 5-5 
and Figure 5-14. 


Import-—Module vsadmin 


Scred = get-auth -userId sukhija@techwizard.cloud - 
passwordfile "c:\temp\passwordl.txt" #getcredentials 
that you created using Save-EncryptedPassword 
Spscredential = $cred[1] ###credentials that can be 
used for functions that supports ps credentials. 


LaunchEOL —-Credential Spscredential 

$data = Get-EOLMailbox -ResultSize unlimited | Select 
Name, WindowsEmailAddress, IssueWarningQuota, 
ProhibitSendQuota, ProhibitSendReceiveQuota #fetch the 
required data from exchange online 


Sdata | Export-—Csv "c:\temp\mailboxes.csv" —- 
NoTypeInformation #export the data in csv format 


RemoveEOL #disconnect the exchange online session 


Listing 5-5Code Showing Use of PS Credentials 


Removed the PSSession ExchangeOnlineInternalSession_2 connected to outlook.office365.com 
Disconnected successfully ! 


| I = | temp = oO 4 


# U 


ito Quick Copy Paste 


Share 


A 


W 


View 


@ Move to 


X Delete ~ 


Rename 


ae) 


New 


FH select all 


75 Select none 


sees rd] Copy to folder SrOpetes 2 Invert selection 
Clipboard Organize New Open Select 
- v 4 | > ThisPC > OSDisk (C:) > temp vio 2 Search te.. 
1 extra ® Name Date modified Type 
= ime E\ Listing 5.5 8/24/2021 12:34PM _PS1 File 
Microsoft Teams &) mailboxes 8/24/2021 12:36 PM Microsoft Excel C 
| Microsoft Teams =] password 8/24/2021 12:25PM Text Document 


) Newsweaver 


| Notebooks 


Ww 


< 


Figure 5-14Exporting the mailboxes data in a CSV file 


Use Get-IniContent to read ini files and then use the values in 


scripts. See Figure 5-15. 


) Config.ini - Notepad 


File Edit Format View Help 
[ServiceAccount ] 
UserID=user@techwizard.cloud| 


Figure 5-15Example INI file 

You can see an example of the following code in Figure 5-16: 
Sinifile = "c:\temp\config.ini" 
Sreadini = Get-IniContent S$inifile 


SUser = Sreadini["ServiceAccount"] .UserID 


E3 Windows PowerShell 


:\temp> $inifile = "c:\temp\config.ini" 

:\temp> $readini = Get-IniContent $inifile 
:\temp> $User = $readini["ServiceAccount"].UserID 
:\temp> $User 

ser@techwizard.cloud 


:\temp> 


Figure 5-16Showing how to read an INI file using Get-IniContent 


Another useful day-to-day function is Save-CSV2Excel. As the 
name suggests, it converts a CSV file to formatted Excel: 


Save-CSV2Excel -CSVPath C:\data\auditmbx.csv —- 
Exceloutputpath c:\data\audit.xlsx 
Random complex passwords are essential in the system administrator 
world. So why use the Web or a tool to generate them when you can do so 
with the New-RandomPassword function from the vsadmin 
module? See this example in Figure 5-17: 

New-RandomPassword — NumberofChars 9 

It has been coded with 5, 9 ,14, and 20. 


E Windows PowerShell 

C:\temp> New-RandomPassword -NumberofChars 9 
6xS#Za058 

C:\temp> 


Figure 5-17Showing the generation of a random password 


Last but not least, ll share some Active Directory functions that are 
not available out of the box from the Active Directory module. 

Get-ADGroupMembersRecursive can extract group members 
recursively, but the AD module is required: 


Get-ADGroupMembersRecursive —-Groups "Test Nested 
Group" 
You can read more about this function at https:// 
techwizard.cloud/2020/10/24/get-—ad-group-members-— 
recursively/. 

Get-ADUserMemberOf can check if a user is a member of a group or 
not, but the AD module is required: 


Get-ADUserMemberOf —-User "User" —Group "Group" 

It returns t rue if the user is a member of a group or else it returns 
false. You can read more about this function at https: // 
techwizard.cloud/2020/12/31/check-if-—ad-user-is- 
member-of-group/. 


Summary 


In this chapter, you learned how to use modules in PowerShell. Modules 
are like batteries. Without them it is hard to script any product using 
PowerShell. I also shared a cheat system administration module 
(vsadmin) which has many daily use functions/cmdlets. 


© The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2022 
V. SukhijaPowerShell Fast Track 
https://doi.org/10.1007/978- 1-4842-7759-1_6 


6. Sending Email 


Vikas Sukhijai 


() 
Waterloo, ON, Canada 

Sending email is an important aspect of scripting. Say you want to send 
alerts if a script results in an error, or you want to send bulk emails without 
utilizing any bulk email tool. 

PowerShell has a simple and effective out-of-the-box cmdlet for this 
purpose right from PowerShell v2. The following is an example of Send- 
MailMessage, which is prevalent in PowerShell: 


Send-MailMessage -SmtpServer "smtpserver" -—From 
"DoNotReply@labtest.com" -To 
"sukhija@techwizard.cloud " —-Subject "Error exception 
occured " —-Body "body of the message" 

If you are still using PowerShell 1.0 (which is highly unlikely), you can 
use the code in Listing 6-1 as it works on all versions of PowerShell. 


Ssmtpserver = "smtp.lab.com" 

Sto = "sukhija@techwizard.cloud" 
Sfrom = "DonotReply@labtest.com" 
Sfile = "c:\file.txt" #for attachment 
Ssubject = "Test Subject" 


Smessage = new-object Net.Mail.MailMessage 

Ssmtp = new-object Net.Mail.SmtpClient (Ssmtpserver) 
Smessage.From = Sfrom 

Smessage.To.Add (Sto) 


Satt = new-object Net.Mail.Attachment ($file) 
Smessage.IsBodyHtml = $False 
Smessage.Subject = $subject 
Smessage.Attachments.Add(Satt) 


Ssmtp.Send ($message) 
Listing 6-I1Sending a Message with Powershell v1 


Formatting a Message Body 


There are situations in which you want to send a properly formatted email 
body instead of just a one-liner email. You can use the cheat code in 
Listing 6-2 for this purpose. You can see the result in Figure 6-1. 


Ssmtpserver = "smtp.lab.com" 

Sto = "sukhija@techwizard.cloud" 
Sfrom = "DonotReply@labtest.com" 
Ssubject = "Test Subject" 


Smessage = @" 
Hello, 


"@ 
Send-MailMessage -SmtpServer Ssmtpserver -From Sfrom 
-To Sto -Subject Ssubject -Body $message 


Listing 6-2Sending a Formatted Message Body 


8B 


Help 


T L 


Message 


IBS Ignore I] [=] 


Delete Archive | 


File 


Be Reply Reply Forward 
& Junk | All fH 8 
Delete Respond 
Test Subject 


donotreply 


@ To @ Sukhija, Vikas (he/him/his) 


Retention Policy Delete Emails after 730 days (2 years) 


Hello, 

LR ccsasasnanacevessionnonsne 1 
Li Gasesccccasnaicinsvancccennss 2 
EIB coscanismvasantecastnsteeaies 3 


Figure 6-1The result of Listing 6-2 


Sending HTML 


Q Tell me what you want to do 


fat New Meeting © viatac : 

> To Manager ™ Team Email fiz) 

YY Done 5S Reply & Delete |¥ 
Quick Steps BS 


You can send fancy HTML emails using PowerShell if you use another 
cheat tip if you are not familiar with HTML. Log on to the HTML Online 


Editor (shown in Figure 6-2) to create the HTML: 


online.com/editor/. 


https://html- 


< G © https://html-online.com/editor/ 
a HTML css 
Editor Tags Cheat Sheet Characters Generators Templates Blog Links 
[vie une JT stare J A 
HTML | css | vs ] QUICK TOUR FEATURES ARTICLES El 
File Edit View Insert Format Tools Table ince 417 
swe’ wWhewse SEO Fey 
hal © JT Formats BJoV EB 2B282 
<i #ast#e YAY, |AM THE SOURCE EDITORI sissies 
— = = = <i ="color #5e9ca0;">You can edit <span style="color: 42623010" ">this demo</span> text! 
H-E- BBP RB SeeRa-H-OB E i 
<h2 style="color #2e6c80;">How to use the editor'</h2> 
<p>Paste your documents in the visual editor on the left or your HTML code inthe source editor 
. . in the nght. <br />Edit any of the two areas and see the other changing in real time .&nbsp;</p> 
You can edit this demo text! <p>sibep <P> 


How to use the editor: 


Paste your documents in the visual editor on the left or your HTML code in the 
source editor in the right. 
Edit any of the two areas and see the other changing In real time. 


Figure 6-2The HTML Online Editor 


Create some HTML content and use the code in Listing 6-3. You can 
see the result in Figure 6-3. 


Ssmtpserver = "smtp.lab.com" 

Sto = "sukhija@techwizard.cloud" 
Sfrom = "DonotReply@labtest.com" 
Ssubject = "Test Subject" 


Smessage = @" 

<!—— ####44### YAY, I AM THE SOURCE EDITOR! 

HE HHH HE —> 

<hl style="color: #5e9ca0;">You can edit <span 
style="color: #2b2301;">this demo</span> text!</h1> 
<h2 style="color: #2e6c80;">How to use the editor:</ 
h2> 

<p>Paste your documents in the visual editor on the 
left or your HTML code in the source editor in the 
right. <br />Edit any of the two areas and see the 
other changing in real time. &nbsp; </p> 

<p>é&nbsp; </p> 

"@ 


Send-MailMessage -SmtpServer Ssmtpserver -From Sfrom 
-To Sto -Subject Ssubject -Body $message -BodyAsHtml 


Listing 6-3Sending HTML-Formatted Email 


PowerShell 


File Message Help Q Tell me what you want to do 
| fa | fe A Fam 2 . 
FS Ignore Li fF] | XY] IX] M4 S| [a New Meeting love to: ? * | 
Del Aen » i i F me to v | To Manager ©™ Team Email |v] : 
Biunk~ Delete Archive | Reply ay orwar rhe | V’ Done D Reply & Delete >| 
Delete Respond Quick Steps & 
Test Subject 
donotreply 


To @ Sukhija, Vikas (he/him/his) 


Retention Policy Delete Emails after 730 days (2 years) 


You can edit this demo text! 


How to use the editor: 


Paste your documents in the visual editor on the left or your HTML code in the source editor in the right. 
Edit any of the two areas and see the other changing in real time. 


Figure 6-3The result of executing Listing 6-3 


Summary 


In this chapter, you learned how to send email using PowerShell. You can 
use this knowledge in the real world to send bulk emails or send email 
alerts when some task/process/script fails or errors out. 
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7. Error Reporting 


Vikas Sukhijai 


() 

Waterloo, ON, Canada 
For successful scripting, error reporting is a must-have. If there is an error, 
you want to report it to the admin or the owner of the process/automation. 
PowerShell has different ways to do error reporting. The most common 
way isthe Serror variable as it contains all the errors that have occurred 
in the session. Let’s look at some cheat code examples that you can utilize. 
You can log errors or send them via email. 


Reporting Errors Through Email 


Below is the code that can be used to send errors via email. You can insert 
this code into your script so that if the script results in an error, it is sent via 
email. 

Serror is the default variable in PowerShell that contains the error if 
it occurs during the execution of the code. In Listing 7-1, you check if 
Serror is not equal to null, and then send the error in an email. 

After sending the error email, if you want to clear the error, you can use 
Serror.clear() so that if you are using iterations, the error is not sent 
again if it does not occur in the next iteration. 


Sfrom = "donotreply@lab.com" 
Sto="vikas@lab.com" 

Ssubject = "Error has occured" 
SsmtpServer="smtp.lab.com" 


if (Serror) 
{ 


Send-MailMessage -SmtpServer Ssmtpserver -From Sfrom 


-To Sto -Subject Ssubject -Body Serror[0].ToString() 
Serror.clear () 


} 


Listing 7-I1Sending Errors via Email 

Listing 7-1 is missing one important thing. It just sends the last error, 
but what if you want to send the full error, which is actually an array and 
send-mailmessage is not able to send it effectively? You can utilize 
the Send-Email function in Listing 7-2, which is also part of the 
vsadmin module that was shared in the modules chapter. 


function Send-Email 
{ 
[CmdletBinding() ] 
param 
( 
[Parameter (Mandatory 
SFrom, 
[Parameter (Mandatory 
[array]$To, 
[array] $bcc, 
[array]$cc, 
Sbody, 
Ssubject, 
Sattachment, 
[Parameter (Mandatory 
Ssmtpserver 


Strue) ] 


Strue) ] 


Strue) ] 


) 


Smessage = New-Object System.Net.Mail.MailMessage 
Smessage.From = SFrom 
if ($To -ne Snull) 
{ 
$To | ForEach-Object { 
Stol = $_ 
Stol 
Smessage.To.Add(Stol) 


if ($cc -ne $null) 
{ 
$cc | ForEach-Object { 
Sccl = $_ 


Sccl 
Smessage.CC.Add (Scc1) 


} 
if (Sbcc -ne Snull) 
{ 
$bcc | ForEach-Object{ 
Sbccl = S_ 
Sbecl 
Smessage.bcc.Add(Sbccl) 


} 

Smessage.IsBodyHtml = Strue 

if (Ssubject -ne $null) 

{Smessage.Subject = $subject} 

if (Sattachment -ne Snull) 

{ 
Sattach = New-Object 

Net .Mail.Attachment (Sattachment) 

Smessage.Attachments.Add(Sattach) 

} 

if (Sbody -ne Snull) 

{Smessage.body = Sbody} 

Ssmtp = New-Object Net.Mail.SmtpClient (Ssmtpserver) 

Ssmtp.Send ($message) 


Listing 7-2Send-Email Function to Send an $error Array 

Once you have imported the function from Listing 7-2, you can utilize 
the code in Listing 7-3, which is similar to the code in Listing 7-1. The only 
change is utilizing Send-Email instead of the built-in Send- 
MailMessage. 


Sfrom = "donotreply@lab.com" 
Sto="vikas@lab.com" 

Ssubject = "Error has occured" 
SsmtpServer="smtp.lab.com" 


if (Serror) 
{ 
Send-Email -smtpserver SsmtpServer -From $from —-To 
Sto -subject Ssubject -body Serror 
Serror.clear () 


} 
Listing 7-3Sending $error Array in an Email 


Logging Everything Including 
Errors 


There is an built-in PowerShell cmdlet that you can use at the beginning of 
your script and stop at the end of the script. This is often called transcript 
logging. 


Start-transcript # at the beginning of the script 
Stop-transcript # at the end of the script 

This log will by default get stored in the running account’s My 
Documents folder. To store the transcript at a different location, you can 
specify the path parameter as shown in Figure 7-1. 


Slog = "c:\data\log.txt" 

Start-transcript -path Slog # at the beginning of 
the script 

Stop-transcript # at the end of the script 


EX Windows PowerShell 

:\temp> $log = "c:\data\log.txt" 

:\temp> Start-transcript -path $log 

ranscript started, output file is c:\data\log.txt 
:\temp> Stop-transcript 


ranscript stopped, output file is C:\data\log.txt 
:\temp> 


Figure 7-1Showing the transcript log in PowerShell 


Logging Errors to a Text File 


You can also just log errors in text files. This cheat guide describes a 
Write-Log function; the same can be utilized to log errors in text files. 


The result is shown in Figure 7-2. 


Slog = Write-Log -Name "Errorlog" -folder "logs" -Ext 
wW log" 

write-log -message "error is Serror" -path Slog - 
Severity error 


E® Windows PowerShe 
:\temp> $log = Write-Log -Name “Errorlog" -folder "logs" -Ext "log" 
:\temp> write-log -message “error is $error" -path $log -Severity error 
|69/07/2021 14:27:06] |error is Could not authenticate to SharePoint Onli 
( ) Unauthor d. One or more erro 
he name, or if a path was included, ve that th 


1e path is correct and 


rror | 


qq Errorlog_9-7-2021_2-26PM_.log - Notepad = 


File Edit Format View Help 

|99/07/2021 14:27:06| Jerror is Could not authenticate to SharePoint Online 
https: //techwizard-admin.sharepoint.com/ using OAuth 2.@ The remote server returnec 
(401) Unauthorized. One or more errors occurred. The term ‘1' is not recognized as 
of a cmdlet, function, script file, or operable program. Check the spelling of the 
if a path was included, verify that the path is correct and try again. Could not fi 
‘c:\samplecsv.csv'. Could not find file ‘C:\temp\samplecsv.csv'.| |error| 


Figure 7-2Showing the error logging in a text file 


Summary 


In this chapter, you learned how to report errors when they occur, how to 
write them in log files, how to send them through email, and how to capture 
the whole PowerShell session with the start-transcript cmdlet. 


© The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2022 
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Reports are an important aspect of day-to-day system administration. 
Sometimes we present reports to our managers and other times we utilize 
them to evaluate and improve our own work. 

Reports can be in the form of CSV, HTML, Excel, and more. The most 
common form is a CSV report because it’s universal and can be converted 
to other forms like Excel easily from the application itself. 


CSV Report 


Export—CSvV is the built-in PowerShell cmdlet that can be used to export 
the data to a CSV file. You can simply pipe select and then export as 
shown in the following code that shows the export of certain attributes of 
users’ mailboxes from Exchange Server (to be run in the Exchange shell): 


Get-Mailbox -ResultSize unlimited | Select 
Name, identity, 
WindowsEmailAddress, Database, ProhibitSendQuota, ProhibitSenc 
| export-—csv c:\mailboxes.csv -notypeinfo 
There are many complex situations where you need scripting code to 
format the data in the right manner. Listing 8-1 and Figure 8-1 show where 
you have a list of users in a text file and you want to export their Active 
Directory attributes and some Exchange attributes in a CSV file. In this 
case, get, select, and export are not possible. This code can be used in all 
such situations where you want to export the data in the CSV form but a 
simple operation is not possible. 
You want to export attributes 
Name, identity, WindowsEmailAddress, Database, ProhibitSend¢ 


and IssueWarningQuota and also attributes employeeid, 1, C 
from Active Directory. 


Note 


The Exchange and AD modules are both required. You need to connect 
to them. The script will fail if they are not loaded. 


To load them, use your knowledge from previous chapters. 
Load the Exchange on-premise shell using vsadmin 
launchexonprem: 


LaunchEXOnprem —-ComputerName ExchangeServer 
For Active Directory, you can use 
Import—Module Activedirectory 


Scollection=@() #array to collect report data 
Sdata = get-content .\users.txt #read samaccountname 
from text file 
$data | foreach-object{ 
Scoli = "" | Select 
Name, identity, WindowsEmailAddress, Database, ProhibitSendQuot 
1,C #values needed in report 


Sgetmbx = get-mailbox -identity $_ 

Sgetaduser = get-aduser -identity $_ -properties 
employeeid, 1,C 

Scoll.Name = S$getmbx.Name 

Scoll.identity = Sgetmbx.identity 

Scoll.WindowsEmailAddress = 
Sgetmbx.WindowsEmailAddress 

Scoll.Database= Sgetmbx.Database 

Scoll.ProhibitSendQuota = $getmbx.ProhibitSendQuota 

Scoll.ProhibitSendReceiveQuota = 
Sgetmbx.ProhibitSendReceiveQuota 

Scoll.IssueWarningQuota = $getmbx.IssueWarningQuota 

Scoll.employeeid = S$getaduser.employeeid #note 
difference here 

Scoll.1 = Sgetaduser.1 

Scoll.c = $getaduser.c 

Scollectiont+t=Scoll #add the collected values to the 
collecttion array 


} 

#now export to CSV file 

Scollection | Export-—Csv .\report.csv — 
NoTypeInformation 


Listing 8-1Exporting to CSV When Fetching From Multiple Sources 


2C > Boot (C:) > temp 


Name Date modified Type Size 
EB) report.csv 8/30/2021 4:35PM _—— Microsoft Excel C... 

(2) Listing 8.1.ps1 8/30/2021 4:11PM Windows Powers... 

BI users.txt 8/30/2021 4:08 PM — Text Document 


| E& Administrator: Windows PowerShell 


SS1Qh27 saxtsonsse test1DNz 


Sosasssecscos test2DMZ 
PS C:\temp> 
AutoSave (SD) =; 
File Home Insert Draw Page Layout Formulas Data Review 
D6 a Fe 
fh || || a ee 


1 j Name identity Windowst Database ProhibitSe ProhibitSe IssueWarr employee | 
2 |test1DMZ labtest.co test1DMZi LabDAGM Unlimited Unlimited Unlimited 


3 |test2DMZ labtest.co test2DMZ LabDAGM 2 KB (2,042 KB (2,04i 2 KB (2,048 bytes) 
A 


Figure 8-1Showing the execution result of Listing 8-1 


Another important aspect of CSV reporting is to export multi-valued 
attributes. Here is an example of extracting recipients (which is a multi- 
valued attribute) in Exchange tracking logs: 


@{Name="Recipents";Expression={$_.recipients}} 
See Listing 8-2 for an example of extracting recipient values from 
Exchange transport logs. 


Get-transportserver | Get—MessageTrackingLog - 
Start"03/09/2015 00:00:00 AM" —-End"03/09/2015 
11:59:59 PM" —-sender "vikas@lab.com" -resultsize 
unlimited | 

select-—object 


Timestamp, clientip, ClientHostname, ServerIp, ServerHostname, s 
TotalBytes , SourceContext,ConnectorId, Source, 
InternalMessagelId , MessagelId 
,@{Name="Recipents";Expression={$_.recipients}} | 
export-—csv c:\track.csv 


Listing 8-2Example Code Showing How to Export Multi-Value Attributes 


Excel Reporting 


Although CSV reports are fine for most purposes, there are situations in 
which you want to share the data with your managers so converting the 
CSV file to Excel is a much-needed script. I will share two methods for 
doing the same. 

The first method exists in the vsadmin module that was shared in the 
modules chapter. 


Note 


Excel should be installed on the machine to use this method. 


Listing 8-3 shows the code of the Save-CSV2Excel function in case 
you do not have the vsadmin module installed or do not want to use it. 


Function Save-CSV2Excel 


{ 


[CmdletBinding() ] 
Param ( 
[Parameter (Mandatory = Strue,Position = 1) ] 
[ValidateScript ({ 
if (-Not ($_ | Test-Path) ) {throw "File or 
folder does not exist"} 
if (-Not ($_ | Test-Path -PathType Leaf) ) 


{throw "The Path argument must be a file. Folder 
paths are not allowed."} 
if ($_ -notmatch "(\.csv)") {throw "The file 
specified in the path argument must be either of type 
csv" } 
return Strue 
})] 
[System.1I0.FileInfo]$CSVPath, 


[Parameter (Mandatory = Strue) ] 
[ValidateScript ({ 
if ($_ -notmatch "(\.xlsx)") {throw "The file 
specified in the path argument must be either of type 
xlsx"} 
return Strue 
})] 
[System.10.FileInfo] $Exceloutputpath 
) 
Httiti#t Borrowed function from Lloyd Watkinson from 
script gallery## 
Function Convert—NumberToAl 
{ 
Param([parameter (Mandatory = Strue) ] 
[int] $number) 


SalValue = Snull 
While (Snumber -gt 0) 
{ 


Smultiplier = [int] 
[system.math]::Floor((S$number / 26)) 
ScharNumber = Snumber —- (Smultiplier * 26) 


If (S$charNumber -eq 0) { Smultiplier-—- ; 
ScharNumber = 26 } 

SalValue = [char] (S$charNumber + 64) + SalValue 

Snumber = Smultiplier 


} 
Return S$alValue 
} 
HHHHEEEPEEEEEPER HR ESC art Converting 
SOXCCLHEFHEEEE HE HEHEHE HE HEHE HEH HEE 
Simportcsv = Import-—Csv $CSVPath 
$countcolumns = (Simportcsv | 
Get-Member | 
Where-Object{$_.membertype -eq 
"Noteproperty"}) .count 
HEEFT PEEEP EECALL Excel com object 


HEHEHE HHH HHH HH 
Sxl = New-Object -comobject excel.application 
Sxl.visible = Sfalse 


SWorkbook = $xl.workbooks.open(SCSVPath) 
SWorkbook.SaveAs (SExceloutputpath, 51) 


SWorkbook.Saved = $true 

Sx1.Quit () 

HEEFHHEEPE THE FENOW format the 
EXce lLF#HHEFHHE HEHEHE EE EEE 

timeout.exe 10 #wait for 10 seconds before saving 

Sxl = New-Object -comobject excel.application 

Sxl.visible = Sfalse 

SWorkbook = $xl.workbooks.open (SExceloutputpath) 

Sworksheetl = SWorkbook.worksheets.Item(1) 

for ($c = 1; $c -le Scountcolumns; S$c++) 
{Sworksheet1.Cells.Item(1, $c) .Interior.ColorIndex = 
39} 


Scolvalue = (Convert-—NumberToAl Scountcolumns) + 
mq0 

SheaderRange = Sworksheet1l.Range("al", Scolvalue) 

Snull = SheaderRange.AutoFilter () 

Snull = SheaderRange.entirecolumn.AutoFit () 


Sworksheet1l.rows.item(1).Font.Bold = Strue 

SWorkbook. Save () 

SWorkbook.Close() 

Sxl.Quit () 

SNull = 
[System.Runtime.Interopservices.Marshal]::ReleaseComObject | 

PEER ER ERE REE EEE EEE EE ETE EE EEE EE EE EERE EE HEE EH EH EE EH EE EE EH A 
}#Write-CSV2Excel 


Listing 8-3Cheat Code for the Save-CS V2Excel Function 

Let’s use the CSV report from Listing 8-1 and convert it to Excel using 
Save-CSV2Excel. See Figure 8-2. 

Save-CSV2Excel -CSVPath c:\temp\report.csv - 
Exceloutputpath c:\temp\report.xlsx 


sPC >» Boot(C:) >» temp 


Name Date modified Type Size 

iB} report.xlsx 8/30/2021 4:38PM — Microsoft Excel W... 11 KB 
EB} report.csv 8/30/2021 4:38PM —- Microsoft Excel C... 1KB 
(® Listing 8.1.ps1 8/30/2021 4:11 PM Windows Powers... 2KB 


‘or; Windows 


c:\temp\report. csv c:\temp\report.x!s> 
Waiting for O seconds, press a key to continue ... 
PS C:\temp> 
AutoSave ») = g ~ ¥ reportxlsx + 
File Home Insert Draw Page Layout Formulas Data Review View Help 
A2 ~z Se testl1DMZ 


est1D! labDAGM01_DB01 Unlimited 
3 |test2DMZ labtest.com/test2DMZ test2DMZ@labtest.com —labDAGM01_DB01 2 KB (2,048 bytes) 2 


Figure 8-2Showing a CSV-to-Excel conversion 


There is a module named ImportExcel. It is one of the most popular 
modules in the PowerShell Gallery. You can utilize this module to directly 
convert variables to Excel. Get it from 
www.powershellgallery.com/packages/ImportExcel. 
Install the module on your machine and then import it to utilize it: 


Install-Module -Name ImportExcel 
Let’s use the same report and use this new module to convert it into Excel. 
The advantage of using this module is that it does not require Excel to be 
installed on the machine. See Figure 8-3. 

Import-Module -Name ImportExcel 


Sdata = Import-Csv .\report.csv 
$data | Export-Excel -Path c:\temp\report.xlsx 


PC > Boot (C:) > temp 


Name Date modified Type Size 
B:) report.xlsx 9/1/2021 8:37 AM Microsoft Excel W... 3 
a) report.csv 8/30/2021 4:38PM ~— Microsoft Excel C... 1 


AutoSave =I @y- report. 


File Home Insert Draw Page Layout Formulas Data Review 


Al a Fe Name 


| B | c | D | E | F | G | H i 


1 |Name identity Windowst Database ProhibitSe ProhibitSe IssueWarr employee! 


5 ore \temp> ImportExce 
6 PS C:\temp> .\report. csv 
PS C: ENN as c:\temp\report. x1sx 


Figure 8-3Using the Import-Excel module 


There are lot of other parameters inside that function like the formatting 
of Excel, which I leave to you to explore! 


HTML Reporting 


It would be wonderful if we could create HTML dashboards with 
PowerShell © that can show traffic light-type signals. For example, if a 
service is down, it shows red. Otherwise, it shows aaul See Figure 8-4. 


_RTCCPS - = 7 _ j Running 
RTCDATAMCU || Running 
RTCIMMCU E Running 
RTCMEDSRV If Running i 
RICMEETINGMCU | Running 
RTCRGS | Running 
RtcSrv Running 
REPLICA (stopped 
RTCASMCU | stopped 
RTCATS ee 
RTCAVMCU [Stopped 
RTCCAA a 
RTCCAS stopped 
RTCCPS. Stopped 


Figure 8-4An HTML table report 


Listing 8-4 is a template for HTML coding that you can use inside 
scripts and do traffic light-type operations based on conditions. 


Sreport = Sreportpath 

Clear-Content S$report 

HHFHHEHEEEEEEHEFHHIML Report 
ContentHHHt et tt HHH HEHE HEH HE HH EH HEH HH 

Add-Content Sreport "<html>" 

Add-Content Sreport "<head>" 

Add-Content Sreport "<meta http-equiv='Content-—Type' 
content='text/html; charset=iso-8859-1'>" 
Add-Content Sreport '<title>Exchange Status Report</ 
title>' 

add-content Sreport '<STYLE TYPE="text/css">' 


add-content Sreport "<!--" 

add-content Sreport "td {" 

add-content Sreport "font-family: Tahoma;" 
add-content Sreport "font-size: llpx;" 


add-content Sreport "border-top: lpx solid #999999;" 
add-content S$report "border-right: lpx solid 
#999999;" 

add-content S$report "border-bottom: lpx solid 
#999999;" 

add-content Sreport "border-left: lpx solid 
#999999;" 

add-content Sreport "padding-top: Opx;" 
add-content S$report "padding-right: Opx;" 
add-content Sreport "padding-bottom: Opx;" 
add-content Sreport "padding-left: Opx;" 
add-content Sreport "}" 

add-content Sreport "body {" 

add-content Sreport "margin-left: 5px;" 
add-content Sreport "margin-top: 5px;" 
add-content Sreport "margin-right: Opx;" 
add-content Sreport "margin-bottom: 10px;" 
add-content Sreport "™" 

add-content Sreport "table {" 

add-content Sreport "border: thin solid #000000;" 
add-content Sreport "}" 

add-content Sreport "-—-—>" 

add-content Sreport "</style>" 

Add-Content Sreport "</head>" 


Add-Content Sreport "<body>" 

add-content Sreport "<table width='100%'>" 
add-content S$report "<tr bgcolor='Lavender'>" 
add-content Sreport "<td colspan='7' height='25' 
align='center'>" 


add-content Sreport "<font face='tahoma' 
color='#003399' size='4'><strong>DAG Active Manager</ 
strong></font>" 


add-content Sreport "</td>" 

add-content Sreport "</tr>" 

add-content Sreport "</table>" 

add-content Sreport "<table width='100%'>" 
Add-Content Sreport "<tr bgcolor='IndianRed'>" 
Add-Content Sreport "<td width='10%' 
align='center'><B>Identity</B></td>" 

Add-Content Sreport "<td width='5%' 
align='center'><B>PrimaryActiveManager</B></td>" 
Add-Content Sreport "<td width='20%' 
align='center'><B>OperationalMachines</B></td>" 
Add-Content Sreport "</tr>" 

HHEEEEEEE EEE HEHEHE HE HE HEE HHH EE PREpOrt 
Templatetettittt tt Ht tt tt tt tH et Het H EE HE EH EE HH 
add-content S$report "<tr bgcolor='Lavender'>" 
add-content Sreport "<td colspan='7' height='25' 
align='center'>" 

add-content Sreport "<font face='tahoma' 
color='#003399' size='4'><strong>DAG Database Backup 
Status</strong></font>" 

add-content Sreport "</td>" 

add-content Sreport "</tr>" 

add-content Sreport "</tr>" 

add-content Sreport "</table>" 

add-content Sreport "<table width='100%'>" 
Add-Content Sreport "<tr bgcolor='IndianRed'>" 
Add-Content Sreport "<td width='10%' 
align='center'><B>Database</B></td>" 

Add-Content Sreport "<td width='5%' 
align='center'><B>BackupInProgress</B></td>" 
Add-Content Sreport "<td width='10%' 
align='center'><B>SnapshotLastFullBackup</B></td>" 
Add-Content Sreport "<td width='5%' 
align='center'><B>SnapshotLastCopyBackup</B></td>" 


Add-Content Sreport "<td width='10%' 
align='center'><B>LastFullBackup</B></td>" 
Add-Content Sreport "<td width='5%' 
align='center'><B>RetainDeletedItemsUntilBackup</B></ 
td>" 


Sdbst= Get-—MailboxDatabase | where{$_.MasterType - 
like "DatabaseAvailabilityGroup"} 


$dbst | foreach{$st=Get-MailboxDatabase $_ -status 
Sdbname = Sst.Name 
Sdbbkprg = S$st.BackupInProgress 
Sdbsnpl = $st.SnapshotLastFullBackup 
Sdbsnplc= S$st.SnapshotLastCopyBackup 
Sdblfb = Sst.LastFullBackup 
Sdbrd = Sst.RetainDeletedItemsUntilBackup 
Add-Content Sreport "<tr>" 
Add-Content Sreport "<td bgcolor= 'GainsBoro' 
align=center> <B>S$dbname</B></td>" 
Add-Content Sreport "<td bgcolor= 
"GainsBoro' align=center> <B>S$dbbkprg</B></td>" 
Add-Content Sreport "<td bgcolor= 'GainsBoro' 
align=center> <B>S$dbsnpl</B></td>" 
Add-Content Sreport "<td bgcolor= 
"GainsBoro' align=center> <B>S$dbsnplc</B></td>" 
if ($dblfb -l1t Shrs) 
{ 
Add-Content Sreport "<td bgcolor= 'Red' 
align=center> <B>Sdblfb</B></td>" 
} 
else 
{ 


Add-Content Sreport "<td bgcolor= 'Aquamarine' 
align=center> <B>Sdblfb</B></td>" 
} 
Add-Content Sreport "<td bgcolor= 'GainsBoro' 
align=center> <B>Sdbrd</B></td>" 
Add-Content Sreport "</tr>" 


} 

HERE ERE EERE REE EH EEE EE EEE EE EH EE EE EE EE EEE EH EH EH EE EE EH A 
Add-content Sreport "</table>" 

Add-Content $report "</body>" 


Add-Content Sreport "</html>" 


Listing 8-4Template for HTML Coding 

See examples at the following links where this template has been 
successfully utilized for the Exchange Health Check, AD Health Check, 
and Monitor Remote services: 

https://techwizard.cloud/exchange-2010-health- 
check/ 

https://techwizard.cloud/adhealthcheck/ 

https://techwizard.cloud/monitor-—windows- 
services-status-remotely/ 

As mentioned, you can use the HTML Online Editor to create HTML 
and use it in your PowerShell scripts (https: //html-—online.com/ 
editor/). 


Summary 


In this chapter, you learned about reporting. CSV, HTML, and Excel are 
three common report types used by almost all systems. By learning how to 
run these reports you can easily impress managers with the data they need 
in a format that is understandable. 
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In this chapter, you will be introduced to keywords in PowerShell. These 
keywords can perform data manipulation, which is a crucial part of any 
scripting or automation operation. 

In the next chapter, you will use the knowledge you have gathered in 
this book to create some practical production scripts using the cheat codes 
shared in this book. 


Split 

The split keyword can be used to extract data out of a string. Say there 
is an email address inside a string and you want to get it, or you want to 
extract some useful information out of a text string. 

Let’s go through an example to understand it more. Let’s extract the 
first name and last name from an email address string. You will use 
split because it can split the string on any character and convert it into 
array. You will split the email address on the dot (.). After that, in element 
O of the array you get the first name, but for last name you must split again 
at character @. 


Semail = "Vikas.Sukhija@labtest.com" 
Semsplit = Semail.split(".") 
Sfirstname = Semsplit [0] 

Slastname = (Semsplit[1] -split "@") 
Slastn = Slastname[0] 


Semsplit[0] and Slastname[0] 
See the step-by-step split operation in Figure 9-1 for a better 
understanding of how to use it. 


E Windows PowerShell 


:\temp> $email = "Vikas.Sukhija@labtest.com" 
:\temp> $emsplit = $email.split(".") 

:\temp> $emsplit 

ikas 

ukhija@labtest 

om 

:\temp> $firstname = $emsplit[e] 

:\temp> $firstname 

ikas 

:\temp> $lastname = ($emsplit[1] -split "@") 
:\temp> $lastname 


:\temp> $lastn = $lastname[e@] 
:\temp> $lastn 


ukhija 
:\temp> 


Figure 9-1Showing the split operation 


Replace 


Another keyword is replace. Instead of splitting the string, you can 
replace the content of the string with other content. 

You can use replace when you want to replace data in a string. Say 
you want to add an underscore instead of a dot because you want to update 
a secondary address. You can use this code and see the result in Figure 9-2: 


Semail = "Vikas.Sukhija@labtest.com" 
Semreplace = Semail.replace(".","_") 


EX Windows PowerShell 
:\temp> $email = "Vikas.Sukhija@labtest.com" 
:\temp> $emreplace = $email.replace(".","_") 
:\temp> $emreplace 


ikas_Sukhija@labtest_com 
:\temp> 


Figure 9-2Showing a replace operation 


Select-String 


Select-—String can do wonders because you can use it to find strings 
inside files. Here is a practical use for it, which I have used many times 
(while others have struggled and spent ample hours trying to solve): finding 
the right date and time of an operation from a large number of log files. 

Say you have a large number of files inside the logs folder and you 
just want to find the files where the string error is present: 


Get-ChildItem c:\data\logs | Select-String - 
Pattern "Error" 

This simple one-liner will search for the string error in all of the log 
files inside the logs folder. Figure 9-3 show how it extracted the file 
name of the file that has the error. 


a 
ie Get-ChildItem c:\data\logs | Select-String -Pattern “Error” 


:\data\logs\ADDtoAirwatchSmartGroup-Log_8-29-2621_10-@1AM_.log:5: |@8/29/2021 10:02:01| Jexception occured| |Error| 


Figure 9-3Showing a Select-String operation 


Compare-Object 


Compare-Ob ject (alias Compare) is used many times to compare two 
files or two arrays. It is faster than comparing the arrays or files using for 
loops. I use it many times for fetching members from a group and 
comparing them with a text file that has user IDs. This approach fetches 
only members that are not already part of the group and adds them, instead 
of processing all members. 

Listing 9-1 adds members from one group to another. 


Note 


The Active Directory module is required for this to work. 


HHTEHETEETTPETEETEEE ETH EEELet ching groupl 
HEE aE HEHE HH HHH 


Scollgroupl = Get-ADGroup -id "group1" —Properties 
member | 
Select-Object -ExpandProperty member | 
Get-ADUser | 
Select-Object -ExpandProperty samaccountname 
HHFEEEEEEEEEEEEEEEH HEE EH EEHEet Ching group2 
HEE EE HEE HEE HEHE HHH 
Scollgroup2 = Get-ADGroup -id "group2" —Properties 
member | 
Select-Object -ExpandProperty member | 
Get-ADUser | 
Select-Object -ExpandProperty samaccountname 
HHFHEHEEEEEEEEEEHE EE ECOMpare two 
QLOUPSHH HEHEHE HHH HHH HEE HHH HF 
Schange = Compare-Object -ReferenceObject 
Scollgroupl -DifferenceObject Scollgroup2 
SAddition = $change | 
Where-Object -FilterScript {$_.SideIndicator -eq 
Meum} | 
Select-Object -ExpandProperty InputObject 
##ttt i tadding only members that are missing in 


QLOUP2ZHHHHEEEE EE HHT H 
$Addition | ForEach-Object { 
Ssam = $_ 


Add-ADGroupMember —-identity "group2" —Members 
$sam 
} 
HEGRE HEE HEE EEE HEE HE EE EH EE HE EE HE EH EE HE EH EE HE EE EH EE HH EE HH A 


Listing 9-1Cheat Code for Adding Members Using Compare-Object 
Similarly, you can do a remove operation by using Compare- 
Object, as shown in Listing 9-2. 


HHFEEEEEEEEEEEEEEE HEE EHEEHEet Ching groupl 
HEEEEREEE HEH EH EH EH 

Scollgroupl = Get-ADGroup -id "group1" -—Properties 
member | 

Select—-Object -ExpandProperty member | 

Get-ADUser | 

Select—-Object —-ExpandProperty samaccountname 
HHFEEEEEEEEEEEEEEEHE HEE EHEEHEet Ching group2 
HEREEREREEEE EH EH EH 

Scollgroup2 = Get-ADGroup -id "group2" —Properties 


member | 
Select—-Object -ExpandProperty member | 
Get-ADUser | 
Select—-Object —-ExpandProperty samaccountname 
HHFHEHEHEEEEEEEEE EEF ECOMpare two 
QLOUPSHHHHHEH HEH HE HEE HE HEH HH 
Schange = Compare-Object -ReferenceObject 
Scollgroupl -DifferenceObject Scollgroup2 
$Removal = $change | 
Where-Object -FilterScript {$_.SideIndicator -eq 
m=5"} | 
Select—-Object -ExpandProperty InputObject 
####Removing members that are in group2 but not in 
group l#Htttt ttt 
$Removal | ForEach-Object { 
Ssam = $_ 
Remove-ADGroupMember -identity "group2" — 
Members $sam —-confirm:Sfalse 
} 
HEE HHH HE EEE HEE HEE EEE HE EH EE HE EH EE HE EH HEH HE EE EE HE EH HE HH A 


Listing 9-2Cheat Code for Removing Members Using Compare-Object 
You can combine both operations in one script and synchronize two 
groups based on group] as the anchor. Listing 9-3 shows this operation. 


HHFEEEHEEEEEEEEEEEH EE EHEEHEet Ching groupl 
HHEEEE HEE HEE HEE HHH 

Scollgroupl = Get-ADGroup -id "group1" -—Properties 
member | 

Select—-Object -ExpandProperty member | 

Get-ADUser | 

Select-Object —-ExpandProperty samaccountname 
HHFHEEEEEEEEEEEEEEEHE EE EHEEHEet Ching group2 
HHEEEE HEE HE HEE HHH 

Scollgroup2 = Get-ADGroup -id "group2" —Properties 
member | 

Select-—Object -ExpandProperty member | 

Get-ADUser | 

Select—-Object —-ExpandProperty samaccountname 
HHFHEEEEEEEEEHEEHEEFECOMpare two 
QLOUPSHHHHHEH HEH HE HE HEHEHE HE 

Schange = Compare-Object —-ReferenceObject 
Scollgroupl -DifferenceObject Scollgroup2 


SAddition = $change | 

Where-Object -FilterScript {$_.SideIndicator -eq 
Wea } | 

Select—-Object -ExpandProperty InputObject 


$Removal = $change | 

Where-Object -FilterScript {$_.SideIndicator -eq 
m=5"} | 

Select—-Object -ExpandProperty InputObject 
##tttttadding only members that are missing in 


QGroup2te ttt Ht 
$Addition | ForEach-Object { 
Ssam = $_ 


Add-ADGroupMember -identity "group2" —Members 
Ssam 


} 


####Removing members that are in group2 but not in 


Group l#Htttt ttt 
$Removal | ForEach-Object { 
Ssam = $_ 


Remove-ADGroupMember -identity "group2" — 
Members $sam -confirm:Sfalse 


} 
HE aE aE aE aE aE aE aE aE aE ae aE aE HE aE aE aE aE aE aE aE aE HE a aE HEE ae HE HEE aE EE aE EE aE HE aE a EH 


Listing 9-3Cheat Code for Synchronizing Two Groups Using Compare-Object 
(Based on group! as the Anchor) 

You can also use the other approach, so instead of removing from 
group2 you just use ADD-Groupmember for group! so you can truly 
synchronize both groups. Any user object that is not present in group2 but 
is in group! should be added to group2, and any user object not present in 
group! but in group2 should be added to group1: 


ADD-ADGroupMember -identity "groupl1" -Members Ssam 
instead of 


Remove-ADGroupMember -identity "group2" -Members 
Ssam -confirm:$false 

There are other nice tricks you can perform with Compare-Object. 
Say you have two CSV files. One just has email addresses of users; the 
other has email addresses and other properties. You want all details from 
CSV file 2 for the users in CSV file one. 


Listing 9-4 shows an example for OneDrive properties. There are two 
CSV files. One contains user email addresses and the other contains email 
addresses and other properties in other columns. 


Simportallonedrivesites = import-csv "c: 
\importonedrives.csv" # onedrive file with other 
attributes 

Simportspofile = import-csv "c:\users.csv" #users 
email addresses 


Schange = Compare-Object -ReferenceObject 
Simportallonedrivesites —-DifferenceObject 
Simportspofile -Property owner -—IncludeEqual - 
PassThru #owner is the column name for users email 
addreses 

Schange | where{S_.SideIndicator -eq "==" -or 
$_.SideIndicator -eq "=>"} | 

select Owner, Title, url, StorageUsageCurrent, 
StorageQuota, StorageQuotaWarningLevel | 

Export—Csv "c:\newfile.csv" -NoTypeInformation 


Listing 9-4Cheat Code for Merging Two CSV Files Using Compare-Object 


Summary 


In this chapter, you learned about important keywords in PowerShell, 
which will help you with data manipulation or transformation. This means 
you can automate information when the data input is in a different format 
than expected. 


© The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature 2022 
V. SukhijaPowerShell Fast Track 
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10. Gluing It All Together 


Vikas Sukhijai 


(1) 

Waterloo, ON, Canada 
This is the last chapter of this book, and in it I will show you how to use the 
knowledge you have gathered thus far to create a practical script. I will also 
share some cheat codes from different products that you can utilize for your 
daily needs. 

Here is the scenario: You get a text file from your HR system that 
contains a list of account names (Figure 10-1) that you want to add to an 
Active Directory group so that they can access a particular file share where 
this AD group has permissions, or get some app pushed to their devices 
based on their membership of that AD group. 


Urganize 


‘his PC > OSDisk (C:) > temp 


“A 


Name 


E} users.txt 


~)) users.txt - Notepad 


File Edit Format View Help 
user1 
user2 
user3 
userd| 


Figure 10-1Showing the example users text file 
Step 1: Add headers to the script (see Figure 10-2): 


<# 
. NOTES 


Created with: ISE 


Created on: 9/6/2021 1:46 PM 
Created by: Vikas Sukhija 
Organization: 
Filename: ADDUserstoGroupfromText.psl 
. DESCRIPTION 
This will add the users from text file to AD 
group 
#> 
<# 
NOTES 
Created with: ISE 
Created on: 9/6/2021 1:46 PM 
Created by: Vikas Sukhija 
Organization: 
Filename: ADDUserstoGroupfromText. ps1 
. DESCRIPTION 
This will add the users from text file to AD group 
#> 


Figure 10-2Showing headers in ISE 
Step 2: Import all modules that you will utilize for this script: 


If you do not want to use the vsadmin module , then just use the 
functions instead. 


import-—module vsadmin 
import-module Activedirectory 
Step 3: Add some variables and logs for your script: 


Slog = Write-Log -Name "ADDUser2Group-Log" —folder 
"logs Ww —-Ext "Log" 
Susers = get-content "c:\temp\users.txt" 


SAdgroup = "ADgroup1" 
Slogrecyclelimit = "60" #to recycle the logs after 60 
days 


Step 4: Start the actual operation: 


Write-Log —-Message "Start............... script" -path 
Slog 


Susers | foreach-object { 


Suser = $_.trim() #triming fro any whitespace 
Write-Log -Message "ProcesSing.......... Suser" — 
path Slog 


Sgetusermemberof = Get-ADUserMemberOf —-User Suser - 
Group SAdgroup #checking if user si already member 
if (Sgetusermemberof -eq S$true){ #if users is 
already mebe rjust write it to log 
Write-Log -Message "Suser is already member of 
SAdgroup" -path Slog 
} 
else{ 
Write-Log -Message "ADD Suser to SAdgroup" -path 
Slog 
Add-ADGroupMember -identity SAdgroup -—members 
Suser 
if (Serror) { #error checking, if error occurs add 
in log 
Write-Log —-Message "Error — ADD Suser to 
SAdgroup" -path Slog 
Serror.clear() # clearing the error as it has 
already been captuire for this iteration 
} 
else{ 
Write-Log -Message "Success — ADD Suser to 
SAdgroup" -path Slog 
} 


Step 5: Recycle logs or clean up the sessions (see Listing 10-1). 


HTT EET HTT HT HHT TH HEHRECYCle 
Logs Hata Ha a a aE EET EE PET TH aE EEE 


Set-Recyclelogs -foldername "logs" —limit 
Slogrecyclelimit -Confirm:S$false 


Write-Log -Message "Script Finished" -path $log 


Glue is all together to form a nice script as shared 
in Listing 10.1 
<# 

-NOTES 


Created with: ISE 


Created on: 9/6/2021 1:46 PM 

Created by: Vikas Sukhija 

Organization: 

Filename: ADDUserstoGroupfromText.psl 

. DESCRIPTION 

This will add the users from text file to AD 
group 


#> 

HEHEHE HH HEHE IMport modules and 
LUNCCIONSHHHFEE EEE EEE HHH EHH HE HH 
import-module vsadmin 
import-module Activedirectory 


HEHEHE HHHEHHEHHAGA Logs and 
Variables#tt Fee ee a ett HEE EEE HE HE HEE HEHE F 

Slog = Write-Log -Name "ADDUser2Group-Log" —folder 
"logs" -Ext "log" 

Susers = get-content "c:\temp\users.txt" 


SAdgroup = "ADgroupl1" 
Slogrecyclelimit = "60" #to recycle the logs after 60 
days 
HeEE EH EE HEE EEE HEE HE EEE HEE HE EH EE HEE HE EH HEH HE EH HE HE EH HEE HH A 
Write-Log -Message "Start............... script" -path 
Slog 
Susers | foreach-object { 
Suser = $_.trim() #triming fro any whitespace 
Write-Log -Message "ProcesSing.......... Suser" — 
path Slog 


Sgetusermemberof = Get-ADUserMemberOf —-User Suser - 
Group SAdgroup #checking if user si already member 
if (Sgetusermemberof -eq Strue){ #if users is 
already mebe rjust write it to log 
Write-Log —-Message "Suser is already member of 
SAdgroup" -path Slog 
} 
else{ 
Write-Log -Message "ADD Suser to SAdgroup" -path 


Slog 
Add-ADGroupMember -identity SAdgroup -member 
Suser 
if (Serror) { #error checking, if error occurs add 
in log 
Write-Log -—Message "Error — ADD Suser to 
SAdgroup" -path Slog 
Serror.clear() # clearing the error as it has 
already been captuire for this iteration 
} 
else{ 
Write-Log -Message "Success — ADD Suser to 
SAdgroup" -path Slog 
} 


} 

HHEHEEEHEE HE HHH HH HEH HEH HEH RECYClEe 
LOGS#HHHHE EEE EEE HEE HEH EEE HEE EEE HEE 
Set-Recyclelogs -foldername "logs" -—limit 
Slogrecyclelimit -Confirm:$false 

Write-Log -Message "Script Finished" -path $log 


Listing 10-1Cheat Code Script Template Example 

Let’s run this cheat code by changing the variable adgroup and 
adding users in the text file as per the production environment. See Figure 
10-3. 


Organize New Open Select 
hisPC > Boot(C:) > temp 
Name Date modified Type Size 
it) Listing 10.1.ps1 9/6/2021 10:52 AM Windows Powers... 2KB 
5) users.tet 9/6/2021 10:51AM Text Document 1KB 


9/6/2021 10:53AM File folder 


a ADDUser2Group-Log_9-6-2021_10-53AM_.log - Notepad 
File Edit Format View Help 

[09/06/2021 10:53:00| [SHARE < cicise cemeaine-ne script| |Information| 

|@9/@6/2021 10:53:@0|  |Processing.......... user1| | Information| 

|@9/06/2021 10:53:@0| |ADD sukhijv to messaging offshore| |Information| 

|@9/06/2021 10:53:@@| [Success - ADD userl to messaging offshore| |Information| 
|@9/06/2021 10:53:00]  |Processing.......... user2| | Information| 

|@9/06/2021 10:53:@0|  |user2| is already member of bsc messaging offshore| | Information| 
]@9/@6/221 10:53:@0|  |Script Finished] |Information| 


Figure 10-3Showing execution of the script ADDUserstoGroupFromText.ps1 


In a similar fashion, you can create multiple scripts for different 
production uses. I have shared hundreds of scripts with the community over 
the past 10 years, which you can access via the following link and modify 
as per your needs. The majority of scripts share the same principles 
described in this book: https: //techwizard.cloud/ 
downloads/. 


Product Examples (Daily Use) 


In this section, I share snippets that you can use as-is or combine in your 
scripts for daily admin tasks. Due to my love for Exchange, I use Microsoft 
Exchange ©. Here are Exchange Script excerpts that you can use on a day- 
to-day basis. 


Microsoft Exchange 


Clean Database So That Mailboxes 
Appear in a Disconnected State 


Get-MailboxServer | Get-MailboxDatabase | Clean- 
MailboxDatabase 


Find Disconnected Mailboxes 


Get-ExchangeServer | Where-Object {$_.IsMailboxServer 
-eq Strue} | ForBach-Object { Get-MailboxStatistics — 
Server $_.Name | Where-Object {$_.DisconnectDate - 
notlike '"'}} 


Extract Message Accept From 


Get-distributiongroup "dl name" | foreach { 


S_.AcceptMessagesonlyFrom} | add-content "c:/output/ 
abc.txt" 


Active Sync Stats 


Get-CASMailbox -ResultSize unlimited | where 
{$_.ActiveSyncEnabled -eq "true"} | ForBach-Object 
{Get-ActiveSyncDeviceStatistics -Mailbox:$_.identity} 
| select Devicetype, DeviceID, DeviceUserAgent, 
FirstSyncTime, LastSuccessSync, Identity, 
DeviceModel, DeviceFriendlyName, DeviceOS | Export— 
Csv c:\activesync.csv 


Message Tracking 


Get-transportserver Get-MessageTrackingLog -Start 
"03/09/2015 00:00:00 AM" -End "03/09/2015 11:59:59 
PM" -sender "vikas@lab.com" -resultsize unlimited | 
select 
Timestamp, clientip, ClientHostname, ServerIp, ServerHostname, s 
TotalBytes , SourceContext,ConnectorId, Source , 
InternalMessagelId , MessageId 
,@{Name="Recipents";Expression={$_.recipients}} | 
export-—csv c:\track.csv 


Search Mailbox/Delete Messages 


Search only: 


import-csv c:\tmp\messagesubject.csv | foreach 

{Search-Mailbox $_.alias -SearchQuery subject:"Test 

SUbject" —-TargetMailbox "Exmontest" -—TargetFolder 

"Logs" -LogOnly -LogLevel Full} >c:\tmp\output.txt 
Delete: 


import-—csv c:\tmp\messagesubject.csv | foreach 
{Search-Mailbox $_.alias -SearchQuery subject:"Test 
Schedule" -DeleteContent -force} >c:\tmp\output.txt 


Delete and log: 


import-—csv c:\tmp\messagesubject.csv | foreach 
{Search-Mailbox $_.alias -SearchQuery Subject:"test 
Story", Received:>'5/23/2018' -TargetMailbox 
"Exmontest" -TargetFolder "Logs" -deletecontent - 
force} >c:\tmp\testlog-23-29-left.txt 


Exchange Quota Report 


This example is found under Export-CSV as well. 


#format Date 

Sdate = get-date -format d 

Sdate = Sdate.ToString().Replace("/", "-") 
Soutput = ".\" + "QuotaReport_" + $date + "_.csv" 


Collection = @() 

Get-Mailbox -ResultSize Unlimited | foreach-object { 

Sst = get-mailboxstatistics $_.identity 

STotalSize = S$st.TotalItemSize.Value.ToMB () 

Suser = get-user $_.identity 

$mbxr = "" | select 

DisplayName, Alias, RecipientType, TotalItemSizeinMB, 
QuotaStatus, 

UseDatabaseQuotaDefaults, IssueWarningQuota, ProhibitSendQuot 
Itemcount, Email, ServerName, Company, Hidden, 
OrganizationalUnit, 

RecipientTypeDetails, UserAccountControl, Exchangeversion 


Smbxr.DisplayName = $_.DisplayName 
Smbxr.Alias = S_.Alias 
Smbxr.RecipientType = Suser.RecipientType 
Smbxr.TotalItemSizeinMB = STotalSize 
Smbxr.QuotaStatus = $st.StorageLimitStatus 
Smbxr.UseDatabaseQuotaDefaults = 
S_.UseDatabaseQuotaDefaults 

Smbxr.IssueWarningQuota = $_.IssueWarningQuota.Value 
Smbxr.ProhibitSendQuota = $_.ProhibitSendQuota.Value 
Smbxr.ProhibitSendReceiveQuota = 
S_.ProhibitSendReceiveQuota. Value 

Smbxr.Itemcount = Sst.Itemcount 


Smbxr.Email = $_.PrimarySmtpAddress 
Smbxr.ServerName = Sst.ServerName 

Smbxr.Company = Suser.Company 

Smbxr.Hidden = S_.HiddenFromAddressListsEnabled 
Smbxr.RecipientTypeDetails = $_.RecipientTypeDetails 
Smbxr.OrganizationalUnit $_.OrganizationalUnit 
Smbxr.UserAccountControl = $_.UserAccountControl 
Smbxr.ExchangeVersion= $_.ExchangeVersion 
SCollection += Smbxr 

} 

#export the collection to csv , define the Soutput 
path accordingly 

SCollection | export-—csv Soutput 


Set Quota 


1GB mailbox limit (must have the $false included): 


set-mailbox testmailbox —-UseDatabaseQuotaDefaults 
Sfalse —-IssueWarningQuota 997376KB —ProhibitSendQuota 
1048576KB -ProhibitSendReceiveQuota 4194304KB 

2GB mailbox limit (must have the $false included): 


set-mailbox "testmailbox" -UseDatabaseQuotaDefaults 
Sfalse —-IssueWarningQuota 1.75GB —ProhibitSendQuota 
2GB -ProhibitSendReceiveQuota 4GB 

3GB mailbox limit (must have the $false included): 


set-mailbox "testmailbox" -UseDatabaseQuotaDefaults 
Sfalse -IssueWarningQuota 2.75GB —ProhibitSendQuota 
3GB —ProhibitSendReceiveQuota 5GB 


Active Directory 


Active Directory is the lifeline of every Microsoft product. By using 
PowerShell you can automate various AD components. Thankfully, 
Microsoft created a native Active Directory module for this job. 

The following are methods that you can use for Active Directory 
scripting through PowerShell: 


° Active Directory Module 


° Quest Management Shell for Active Directory 
° ADSI (out of scope for this book) 


My favorite in the past was the Quest Management Shell followed by 
the Microsoft Active Directory Module. The Quest Shell is free and can be 
downloaded. But Microsoft has added updates, so it is at par or better now 
than Quest, in my opinion. 

One more reason for the AD module to take priority in my mind is that 
the Quest AD module is no longer free, you can still find the old version. I 
found it at the link below (if you want to use it in production, do cross 
check if there is licensing involved). 

I encourage you to use the Microsoft Active directory module but there 
are still many admins or organizations using Quest, either freely or they 
have bought it. Download the Quest AD free version (1.5.1) from this link 
(found via Google): www.powershelladmin.com/wiki/ 
Quest_ActiveRoles_Management_Shell_Download. See 
Figure 10-4. 


Download Quest ActiveRoles Mangement Shell Version 1.5.1 


Here are download links for the x64 and x86 versions of the Quest ActiveRoles AD Management Shell version 1.5.1 (last free version). 

NB! Before installing, you will be able to see that the file is signed by Quest, so the files are legit. 

They're wrapped in zip files since I already added that file type as an allowed file type to upload. Inside there's an MSI file with the same name (signed by Quest). 
« 64-bit version: Quest ActiveRolesManagementSheliforActiveDirectoryx64 151.zip 
= 32-bit version: Quest ActiveRolesManagementSheliforActiveDirectoryx86 151.zip 


Figure 10-4Showing the Quest AD module 


Exporting Group Members 


Just a single line of code will work. 


Using Quest: 
Get-QADGroupMember "group Name" select Name, Type | 
Export—Csv .\members.csv 

Using the AD module: 
Get-ADGroup —-identity "group Name" -Properties 


member | Select—-Object -ExpandProperty member | Get- 
ADUser —Properties 

DisplayName, Samaccountname,mail, employeeid | export— 
csv c:\exportgroup.csv -notypeinfo 


Setting Values for AD Attributes 


Here is the example code that can be used to set AD attributes. 


Using Quest: 


Set-QADUser —-identity samaccountname — 
ObjectAttributes @{extensionattributel0d = 
"TIntuneCommCompleted" } 

Using the AD module: 


Set-ADUser -identity samaccountanme -replace 
@{"extensionattribute1l0" = "IntuneCommCompleted" } 


Exporting Active Directory Attributes 


This example is for calling Excel as well as using Quest ©: 


# call excel for writing the results 

SobjExcel = new-object -comobject excel.application 
Sworkbook = Sob jExcel.Workbooks.Add() 
Sworksheet=Sworkbook.ActiveSheet 

SobjExcel.Visible = $False # true or false to set as 
visible on screen or not 


Scells=Sworksheet.Cells 

# define top level cell 
Scells.item(1,1)="UserId" 
Scells.item(1,2)="FirstName" 
Scells.item(1,3)="LastName" 
Scells.item(1,4)="Employeeid" 
Scells.item(1,5)="email" 
Scells.item(1,6)="Office" 
Scells.item(1,7)="Department" 
Scells.item(1,8)="Title" 
Scells.item(1,9)="Company" 
Scells.item(1,10)="City" 
Scells.item(1,11)="State" 
Scells.item(1,12)="Country" 


#intitialize row out of the loop 
Srow = 2 

#import quest management Shell 
if ( (Get-PSSnapin -—Name 


Quest .ActiveRoles.ADManagement -ErrorAction 
SilentlyContinue) -eq Snull ) 
{ 


Add-PsSnapin Quest.ActiveRoles.ADManagement 


} 

Sdata = get-gqaduser -—IncludedProperties "CO", 
"extensionattributel" #-sizelimit 0 
#loop thru users 

foreach (Si in Sdata) { 

#initialize column within the loop so that it always 
loop back to column 1 

Scol = 1 

Suserid=Si.Name 
SFisrtName=$i.givenName 
SLastName=S$i.sn 
SEmployeeid=Si.extensionattributel 
Semail=$Si.PrimarySMTPAddress 
Soffice=Si.Office 
SDepartment=$i.Department 
STitle=$i.Title 

SCompany=S$i.Company 

SCity=Si.1 

Sstate=Si.st 

SCountry=$i.Co 

Write-host 


WP LOCES SANG trina! ork 0 Se Sle whe eda EM Ss Sid eae Suserid" 
Scells.item(S$row,Scol) = Suserid 
Scolt++ 

Scells.item($row,S$col) = $FisrtName 
Scol 

Scells.item(S$row,Scol) = $LastName 
Scol 

Scells.item(Srow,$col) = SEmployeeid 
Scol 

Scells.item($row,$col) = Semail 

Scol 

Scells.item(Srow,Scol) = Soffice 
Scol 

Scells.item(Srow,$col) = SDepartment 
Scolt++ 

Scells.item($row,Scol) = $Title 
Scolt++ 

Scells.item(Srow,$col) = SCompany 
Scol 

Scells.item(Srow,$Scol) = SCity 

Scol 


Scells.item($row,Scol) = S$state 
Scol 

Scells.item(Srow,$col) = SCountry 
Scolt++ 

Srow++} 


#formatting excel 


Srange = 


SobjExcel.Range("A2") .CurrentRegion 


Srange.ColumnWidth = 30 
Srange.Borders.Color = 0 
Srange.Borders.Weight = 2 


Srange.Interior.ColorIndex = 37 
Srange.Font.Bold = Sfalse 
Srange.HorizontalAlignment = 3 

# Headings in Bold 
Scells.item(1,1).font.bold=$True 
Scells.item(1,2).font.bold=$True 
Scells.item(1,3).font.bold=$True 
Scells.item(1,4).font.bold=$True 
Scells.item(1,5).font.bold=$True 
Scells.item(1,6).font.bold=$True 
Scells.item(1,7).font.bold=$True 
Scells.item(1,8) .font.bold=$True 
Scells.item(1,9).font.bold=$True 
Scells.item(1,10) .font.bold=$True 
Scells.item(1,11).font.bold=$True 
Scells.item(1,12).font.bold=$True 
#save the excel file 

Sfilepath = "c:\exportAD.xlsx" #save the excel file 
Sworkbook.saveas ($filepath) 
Sworkbook.close() 
SobjExcel.Quit () 


Same example using the native Active Directory module: 


# call excel for writing the results 


SobjExcel = 


Sworkbook 


Sworksheet=Sworkbook.ActiveSheet 


new-object -comobject excel.application 
= SobjExcel.Workbooks.Add() 


SobjExcel.Visible = $True # true or false to set as 
visible on screen or not 
Scells=$Sworksheet.Cells 


# define top level cell 


Scells.item(1,1)="UserId" 


Scells.item(1,2)="FirstName" 
Scells.item(1,3)="LastName" 
Scells.item(1,4)="Employeeid" 
Scells.item(1,5)="email" 
Scells.item(1,6)="Office" 
Scells.item(1,7)="Department" 
Scells.item(1,8)="Title" 
Scells.item(1,9)="Company" 
Scells.item(1,10)="City" 
Scells.item(1,11)="State" 
Scells.item(1,12)="Country" 


#intitialize row out of the loop 

Srow = 2 

#import AD management Shell 

Import-module Activedirectory 

Sdata = Get-ADUser -Filter {Enabled -eq STrue} - 
Properties 
extensionattributel,mail, physicalDeliveryOfficeName, Departn 
—-ResultSetSize 1000 #define the size 

#loop thru users 

foreach ($i in $data) { 

#initialize column within the loop so that it always 

loop back to column 1 

Scol = 1 

Suserid=Si.Name 

SFisrtName=$i.givenName 

SLastName=$i.surname 

SEmployeeid=Si.extensionattributel 

Semail=Si.mail 
Soffice=$i.physicalDeliveryOfficeName 
SDepartment=$i.Department 
STitle=$i.Title 

SCompany=S$i.Company 

SCity=Si.1 

Sstate=Si.st 

SCountry=$i.COo 

Write-host 


"PLO CES SANG iS Sis tnd Saved Are a io sek eh aye edie BSkyB es Suserid" 
Scells.item(S$row,Scol) = S$userid 

Scol 

Scells.item(S$row,S$col) = $FisrtName 

Scol 


Scells.item(S$row,Scol) = $LastName 
Scol+t+ 

Scells.item(Srow,$col) = SEmployeeid 
Scolt++ 

Scells.item(S$row,$col) = Semail 
Scolt++ 

Scells.item(Srow,Scol) = Soffice 
Scol 

Scells.item(Srow,$col) = SDepartment 
Scol 

Scells.item($row,Scol) = $Title 

Scol 

Scells.item(Srow,$col) = SCompany 
Scol 

Scells.item(Srow,$col) = SCity 

Scol 

Scells.item($row,Scol) = $state 

Scol 

Scells.item(Srow,$col) = SCountry 
Scolt++ 

Srow++} 

#formatting excel 

Srange = Sob jExcel.Range("A2") .CurrentRegion 
Srange.ColumnWidth = 30 
Srange.Borders.Color = 0 
Srange.Borders.Weight = 2 
Srange.Interior.ColorIndex = 37 
Srange.Font.Bold = S$false 
Srange.HorizontalAlignment = 3 


# Headings in Bold 
] item(1,1).font.bol 


Scells. 


Scel] 


-item(1,2).font.bol 


Scel] 


-item(1,3).font.bol 


Scel] 


-item(1,4).font.bol 


Scel] 


-item(1,5).font.bol 


Scel] 
Scel] 


-item(1,6).font.bol 


Scel] 


-item(1,8).font.bol 


Scel] 


-item(1,9).font.bol 


Scel] 


-item(1,10).font.bold 


Scel] 
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-item(1,11).font.bold=STrue 
-item(1,12).font.bold=STrue 


#save the excel file 

Sfilepath = "c:\exportAD.xlsx" #save the excel file 
Sworkbook.saveas ($filepath) 

Sworkbook.close() 

SobjExcel.Quit () 


Adding Members to the Group from a 
Text File 


Using the Quest Management Shell: 


Susers = Get-Content C:\Users.txt # sSamccountnames 
of users in text file 
Sgroupname = "Group Name" 
Susers | ForEach-Object { 
Suser = S_ 
Write-host "adding $user to Sgroupname" — 
foregroundcolor green 
Add-QADGroupMember -Identity Sgroupname -Member Suser 
} 

Similarly, in the native Active Directory module : 


Susers = Get-Content C:\Users.txt # Samccountnames 
of users in text file 

Sgroupname = "Group Name" 

Susers | ForEach-Object { 

Suser = S_ 

Write-host "adding $user to Sgroupname" — 
foregroundcolor green 

Add-ADGroupMember -id Sgroupname -members Suser 


} 


Removing Members of the Group From 
a Text File 


Using the Quest Management Shell: 


Susers = Get-Content C:\Users.txt # samccountnames 
of users in text file 
Sgroupname = "Group Name" 


Susers | ForEach-Object { 
Suser = S_ 
Write-host "adding $user to Sgroupname" — 
foregroundcolor green 
Remove-QADGroupMember -Identity Sgroupname —Member 
Suser —confirm:$false 
} 
Similarly, using the native Active Directory module: 


Susers = Get-Content C:\Users.txt # samccountnames 
of users in text file 

Sgroupname = "Group Name" 

Susers | ForEach-Object { 

Suser = S_ 

Write-host "adding $user to Sgroupname" — 
foregroundcolor green 

Remove-ADGroupMember -id Sgroupname -members Suser — 
confirm:S$false 


} 


Office 365 


Office 365 is everywhere so connecting is important in day-to-day activities 
for admins. You can use vsadmin or separate functions. 

Operations: https://techwizard.cloud/2016/12/18/ 
all-in-one-office-365-powershell-connect/ 


° LaunchEOL/RemoveEOL (Exchange Online) 

° LaunchSOL/RemoveSOL (Skype online) 

° LaunchSPO/RemoveSPO (SharePoint online) 

* LaunchCOL/RemoveCOL (Security and Compliance) 

° LaunchMSOL/RemoveMSOL (MS Online Azure Active Directory) 


HHHHEEEEHH HEE EE EHEHE XChange Modern 
OnlinedtHHtHH ttt tt tH HH HEHE 
Function LaunchEOL { 


[CmdletBinding() ] 
param 


( 


[Parameter (Mandatory = S$false) ] 
SCredential 
) 
Import—Module ExchangeOnlineManagement -Prefix 
"EOL" 
Connect-ExchangeOnline -—Prefix "EOL" —-Credential 
SCredential -ShowBanner:S$false 


} 


Function RemoveEOL { 
Disconnect-ExchangeOnline -Confirm:S$false 


} 


HHEEHHEEEEHEHEESKYpOS 

On Line|etHHHHH HHH HH HEHEHE HEE EE EE HE EEE HH HE EH HEE HH HH 
function LaunchSOL 

{ 


param 
( 
[Parameter (Mandatory = Strue) ] 
SDomain, 
[Parameter (Mandatory = S$false) ] 
SCredential 


) 

Write-Host -Object "Enter Skype Online Credentials" 
-ForegroundColor Green 

Sdommicrosoft = Sdomain + ".onmicrosoft.com" 

SCSSession = New-CsOnlineSession —Credential 
SCredential -OverrideAdminDomain Sdommicrosoft 

Import-—Module (Import-—PSSession —Session $CSSession 
-AllowClobber) -Prefix SOL -Global 
} #Function LaunchSOL 


Function RemoveSOL 
{ 
SSession = Get-PSSession Where-Object — 
FilterScript { $_.ComputerName -like 
"* online.lync.com" } 
Remove-PSSession SSession 
} #Function RemoveSOL 


Het HH HEHEHE HEHE SHarepoint 
On Line##HHHH HHH HERE EERE EE HE HEHE HEHEHE SH 


function LaunchSPO 


{ 


param 
( 
[Parameter (Mandatory = Strue) ] 
SorgName, 
[Parameter (Mandatory = S$false) ] 
S$Credential 


) 

Write-Host "Enter Sharepoint Online Credentials" — 
ForegroundColor Green 

Connect-SPOService -Url "https://SorgName- 
admin.sharepoint.com" -Credential $Credential 
} #LaunchSPO 


Function RemoveSPO 
{ 

disconnect-—sposervice 
} #RemoveSPO 


####Secuirty and 
Complianced# Ht ees tee HE HEE EE EEE E EEE EEE HE EH EEE 
Function LaunchCoL { 
[CmdletBinding() ] 
param 
( 
[Parameter (Mandatory = S$false) ] 
$Credential 
) 
Import-—Module ExchangeOnlineManagement 
Connect-IPPSSession -Credential $Credential 
$s=Get-PSSession | where {$_.ComputerName -like 
"*xcompliance.protection.outlook.com" } 
Import-Module (Import-PSSession -Session $s_ - 
AllowClobber) -Prefix col -Global 
} 


Function RemoveCOL { 
Disconnect-—ExchangeOnline -Confirm:S$false 


} 


Hat Ht HH HH HH HE EE EH HH tat EE EE EH HH EEE EMSONL Tne Ht ttt HE EH HH Ht EE HHH HT 
function LaunchMSOL { 


[CmdletBinding() ] 

param 

( 
[Parameter (Mandatory = Sfalse) ] 
SCredential 

) 

import-—module msonline 

Write-Host "Enter MS Online Credentials" — 

ForegroundColor Green 
Connect-MsolService -Credential $Credential 


Function RemoveMSOL { 


Write-host "Close Powershell Window — No disconnect 
available" -ForegroundColor yellow 
} 
HEHEHE HE EEE EE EE EE HH EH HEE HE HHH EH HH HH EE EE EE EE EE EE HH EE HH HE 


Exchange Online Mailbox Report 


Now use the above function to launch the Exchange Online shell. In 
PowerShell, type LaunchEOL and supply the Exchange Online admin 
userid/password. Once you are connected to Exchange Online, run the 
following command to extract a mailboxes report from Office 365, which 
you can see in Figure 10-5: 


EX Administrator: Windows PowerShell = oO x 
PS C:\> LaunchEOL A 
cmdlet Get-Credential at command Bapeline position 1 
Supply values for the following parameters: 

Credential 

WARNING: The names of some imported commands from the module ‘tmp_ye2u3wrc.g21' include unapproved verbs that might 
make them less discoverable. To find the commands with unapproved verbs, run the Import-Module command again with the 
Verbose parameter. For a list of approved verbs, type Get-Verb. 

ModuleType Version Name ExportedCommands 


Script 1.0 tmp_ye2u3wrc. g21 {Add-EOLAvai labilityAddressSpace, Add-EOLDistributionGroup... 


PS C:\> 


Figure 10-5Showing the connection to the Exchange shell 


Get-EOLMailbox -ResultSize unlimited | Select 
Name, RecipientTypeDetails, PrimarySMTPAddress, UserPrincipall 
| export-csv c:\auditmbx.csv -notypeinfo 
If you have a large tenant, use this code instead as this will not 
throttle easily even with more than 50,000 users: 


$allmbx=Invoke-Command -Session (Get-PSSession | 
Where-Object {$S_.computerName -eq 

"out look.office365.com"}) -scriptblock {Get-—Mailbox - 
ResultSize unlimited | Select-object 
Name, RecipientTypeDetails, 
PrimarySMTPaddress, UserPrincipalname, AuditEnabled, litigatic 
} 

$allmbx | export-csv c:\data\auditmbx.csv - 
notypeinfo 


Exchange Online Message Tracking 


In Exchange Online, extracting message tracking is not the same as it is in 
Exchange on-premise, because if the results are more in number, then it 
cannot be extracted using a result size unlimited parameter. The following 
is a small script that will do the trick: 


Sindex = 1 

while (Sindex -le 1001) 

{ 

Get-EOLMessageTrace -SenderAddress 
"VikasS@techWizard.cloud" -StartDate 09/20/2019 - 
EndDate 09/25/2019 -PageSize 5000 -Page Sindex | 
export-—csv c:\messagetracking.csv -Append 

Sindex ++ 

sleep 5 

} 


Searching a Unified Log 


Office 365 uses unified audit logging and you can audit all of the activities 
using the Exchange Online shell (whether it is SharePoint Online or Teams 
or any other product within Office 365). Here is the link for more details: 
https://docs.microsoft.com/en-us/microsoft-—365/ 
compliance/search-the-audit-—log-in-security-and- 
compliance?WT.mc_id=M365-MVP-5001317 
Example of extracting Microsoft Teams activity: 


Search-EOLUnifiedAuditLog -StartDate 1/8/2019 - 
EndDate 4/7/2019 -RecordType MicrosoftTeams -UserlIds 
VikasS@sycloudpro.com -—ResultSize:5000 |export-csv 


c:\VikasS.csv -notypeinfo 
Example of extracting Exchange mailbox audit activity: 


Search-EOLUnifiedAuditLog -StartDate 10/24/2019 - 
EndDate 10/25/2019 -UserIds VikasS@syscloudpro.com - 
recordtype 
"ExchangeItemGroup", "ExchangeItem", "ExchangeAggregatedOpersé 
-ResultSize:5000 |export-csv c:\VikasS.csv - 
notypeinfo 

Example of adding or removing a role member: 


Search-EOLUnifiedAuditLog -StartDate 4/16/2019 - 
EndDate 7/15/2019 -UserIds VikasS@syscloudpro.com - 
operations "Add role member to role" -—ResultSize:5000 
|export-csv c:\VikasS.csv -notypeinfo 


Azure AD 


I have covered practical examples of Active Directory but in today’s world 
Azure AD is becoming common so here are some example from the Azure 
AD world. 

For Azure AD, you need to use connect-AzureaAD first to connect, 
and for MS Online you can use Connect—MsolService. Once 
connected, you will be able to use the following examples by updating the 
variables. 


Adding Users to an Azure AD Group 
From a Text File of UPN 


Sgroupl = "93345231-7454-4629-943b-e4245426bf" # 
Get-—Content C:\users.txt | ForEach-Object {Suser= 
S_.trim();Suser;Supn= Suser 

Sgetazureaduser = Get-AzureADUser -Filter 
"userprincipalname eq 'S(Supn)'" 
Add-AzureADGroupMember -ObjectId Sgroupl - 
RefObjectId Sgetazureaduser.ObjectId 

} 


Removing Users in an Azure AD Group 
from a Text File of UPN 


Sgroupl = "93345231-7454-4629-943b-e4245426bf" # 
Get-Content C:\users.txt | ForEach-Object {Suser= 
S_.trim();Suser;Supn= Suser 

Sgetazureaduser = Get-AzureADUser -Filter 
"userprincipalname eq 'S(Supn)'" 
Remove-AzureADGroupMember -ObjectId S$groupl - 
MemberlId S$getazureaduser.ObjectId 

} 


Checking If a User Is Already a 
Member of a Group 


Sgroupl = "93345231-7454-4629-943b-e4245426bf" # 
Sgetazmembership = Get-AzureADUserMembership —- 

ObjectId "UserObjectIda" 

if (Sgetazmembership.objectId -contains Sgroup1) { 
write-host "User is already member of the group 
groupl" 

} 


Adding Administrators to a Role 


Get-MsolRole | Sort Name | Select Name,Description 
#check role name 

SroleName = "Lync Service Administrator" 
Get-content c:\users.txt | foreach-object {$_; 


Add-MsolRoleMember -RoleMemberEmailAddress $_ - 
RoleName SroleName 


} 


Checking for Azure AD User 


Provisioning Errors 


Get-MsolUser -HasErrorsOnly | ft 
DisplayName, UserPrincipalName, @{Name="Error";Expression={ (5 
-AutoSize 
In a similar fashion, you can connect to any Microsoft product by 
checking their documentation. As for other Azure products, there is a 
command named Connect-—AzAccount for a connection to Azure. Just 
make sure that the modules are installed on your machines for whichever 
product you want to connect to in the cloud. 


Text/CSV File Operations 


Remove the header line from a CSV file 
Method 1: 


Get-Content .\abc.csv | select -skip 1 | Set-Content 
.\abcl.csv 


Method 2: 


Sa = import .\abc.csv 
$a |ForEach-Object { 
SCon_string = Snull 
SCon_string = S$_.ID, $_.GrpName -join ',' 
Write-Host S$Con_string 
Add-Content .\abc6.csv SCon_string 


Method 3 (avoids CRLF): 
Stext = [System.1I0.File]::ReadAllText ("Spwd 
\file.csv") -replace '*[*\r\n]*\r?\n' 


[System.IO.File]::WriteAllText ("Spwd\newFile.csv", 
Stext) 
Method 4 (avoids CRLF): 


Sfile = Get-Item .\example_test.csv 
Sreader = Sfile.OpenText () 

# discard the first line 

Snull = Sreader.ReadLine() 


# Write the rest of the text to the new file 
[System.I0O.File]::WriteAllText ("Spwd\newFile.csv", 
Sreader.ReadToEnd () ) 

Sreader.Close() 


Adding a header line to a text file: 
For example, you have list of employee IDs in a text file: 


14562 
67578 
65888 


Sfilep = "c:\file.txt" 

$getNetworkID = Get-Content $filep | where { $_ -ne 
wee } 
@("Employeeid") + $getNetworkID | Set- 
Content S$filep -Force #add emplyeeidheader 


Regex 


There are situations where you need to use regex for performing certain 
match operations inside your scripts. 


Tip 


You canuse https://regex101.com/ to test any regex before 
using it. 


This is how you use it in PowerShell and it will be used mainly with match 
operators. See Figures 10-6 and 10-7. 


Sregexemail "\wt ([-+.'] \wt) *@\w+ ([-.] \wt) *\.\w 
+([-.]\wt) *$" 
"sukhijav@techwizard.cloud" -match $regexemail 


SaaS SSS 
REGULAR EXPRESSION 


| aZORO VHRR NEPA” |} NEC: NMDA ZOO HANS CRaNSPA “([FA-DE)*OCRAE an 
zoH9]i(Pslalz0z9- [*PalzoF0{])2Na) +[akzoHo] (? : [elz089-J*faBz0z0]))? 


TEST STRING SWITCH TO UNIT TESTS > 


sukhija@techwizard.cloud 


Figure 10-6Showing regular expression testing 


E¥ Windows PowerShell 


Figure 10-7Showing a regular expression operation in PowerShell 
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Summary 


This is the last chapter of this book and it was all about how you can 
combine different snippets and make a script that can do a bulk load of 
work. I have shared different product examples that can be used by system 
administrators in their daily work. More scripts and hundreds of examples 
are available at https: //techwizard.cloud/downloads/. 
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